Overview

overview

8

Static

static

1

1.txt

windows10-2004-x64

8

Analysis

  • max time kernel
    1041s
  • max time network
    1035s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-07-2024 02:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1.txt

  • Size

    1B

  • MD5

    c4ca4238a0b923820dcc509a6f75849b

  • SHA1

    356a192b7913b04c54574d18c28d46e6395428ab

  • SHA256

    6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

  • SHA512

    4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a

Score
8/10
bootkitevasionmacromacro_on_actionpersistenceprivilege_escalation

Malware Config

Signatures

  • Downloads MZ/PE file
  • Modifies Windows Firewall 2 TTPs 1 IoCs
    evasion
  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

    macromacro_on_action
  • Checks computer location settings 2 TTPs 2 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Drops startup file 2 IoCs
  • Executes dropped EXE 7 IoCs
  • Drops desktop.ini file(s) 1 IoCs
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence
  • Drops file in System32 directory 1 IoCs
  • Drops file in Windows directory 57 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Event Triggered Execution: Netsh Helper DLL 1 TTPs 3 IoCs

    Netsh.exe (also referred to as Netshell) is a command-line scripting utility used to interact with the network configuration of a system.

    persistenceprivilege_escalation
  • Checks SCSI registry key(s) 3 TTPs 20 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Checks processor information in registry 2 TTPs 20 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 36 IoCs
  • Kills process with taskkill 1 IoCs
    evasion
  • Modifies registry class 6 IoCs
  • NTFS ADS 6 IoCs
  • Opens file in notepad (likely ransom note) 2 IoCs
    ransomware
  • Runs net.exe
  • Suspicious behavior: AddClipboardFormatListener 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 11 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 50 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\1.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:3272
  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\StepRegister.cmd" "
    1⤵
    • NTFS ADS
    PID:3456
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x404 0x2f4
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3724
  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\StepRegister.cmd" "
    1⤵
    • NTFS ADS
    PID:3468
  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\StepRegister.cmd" "
    1⤵
    • NTFS ADS
    PID:2504
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1900
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
    1⤵
    • Enumerates system info in registry
    • Modifies registry class
    • NTFS ADS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1752
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9ea8746f8,0x7ff9ea874708,0x7ff9ea874718
      2⤵
        PID:4168
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1556 /prefetch:2
        2⤵
          PID:3000
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2372 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4060
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2816 /prefetch:8
          2⤵
            PID:1076
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
            2⤵
              PID:4872
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1
              2⤵
                PID:5044
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1
                2⤵
                  PID:916
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
                  2⤵
                    PID:3608
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3744 /prefetch:8
                    2⤵
                      PID:3328
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3744 /prefetch:8
                      2⤵
                      • Suspicious behavior: EnumeratesProcesses
                      PID:4368
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4052 /prefetch:1
                      2⤵
                        PID:920
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
                        2⤵
                          PID:744
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
                          2⤵
                            PID:1900
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
                            2⤵
                              PID:2600
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1
                              2⤵
                                PID:3588
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4732 /prefetch:8
                                2⤵
                                  PID:3824
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5408 /prefetch:8
                                  2⤵
                                  • Modifies registry class
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:1860
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
                                  2⤵
                                    PID:1128
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2056 /prefetch:2
                                    2⤵
                                    • Suspicious behavior: EnumeratesProcesses
                                    PID:1936
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
                                    2⤵
                                      PID:2408
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2144 /prefetch:1
                                      2⤵
                                        PID:4472
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6112 /prefetch:8
                                        2⤵
                                          PID:2516
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:1
                                          2⤵
                                            PID:2676
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6048 /prefetch:8
                                            2⤵
                                            • Suspicious behavior: EnumeratesProcesses
                                            PID:2936
                                          • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
                                            "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\Downloads\metrofax.doc" /o ""
                                            2⤵
                                            • Checks processor information in registry
                                            • Enumerates system info in registry
                                            • Suspicious behavior: AddClipboardFormatListener
                                            • Suspicious use of SetWindowsHookEx
                                            PID:2328
                                            • C:\Windows\splwow64.exe
                                              C:\Windows\splwow64.exe 12288
                                              3⤵
                                                PID:1352
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
                                              2⤵
                                                PID:5352
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4880 /prefetch:8
                                                2⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                PID:5364
                                              • C:\Windows\system32\NOTEPAD.EXE
                                                "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\BonziKill.txt
                                                2⤵
                                                • Opens file in notepad (likely ransom note)
                                                PID:5760
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6952 /prefetch:8
                                                2⤵
                                                  PID:5896
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
                                                  2⤵
                                                    PID:5576
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
                                                    2⤵
                                                      PID:5596
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1
                                                      2⤵
                                                        PID:4824
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
                                                        2⤵
                                                          PID:4988
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6728 /prefetch:1
                                                          2⤵
                                                            PID:2328
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 /prefetch:8
                                                            2⤵
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            PID:4092
                                                          • C:\Windows\system32\cmd.exe
                                                            C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\L0Lz.bat" "
                                                            2⤵
                                                              PID:2872
                                                              • C:\Windows\system32\net.exe
                                                                net session
                                                                3⤵
                                                                  PID:1064
                                                                  • C:\Windows\system32\net1.exe
                                                                    C:\Windows\system32\net1 session
                                                                    4⤵
                                                                      PID:1052
                                                                  • C:\Windows\system32\net.exe
                                                                    net stop "SDRSVC"
                                                                    3⤵
                                                                      PID:2268
                                                                      • C:\Windows\system32\net1.exe
                                                                        C:\Windows\system32\net1 stop "SDRSVC"
                                                                        4⤵
                                                                          PID:1128
                                                                      • C:\Windows\system32\net.exe
                                                                        net stop "WinDefend"
                                                                        3⤵
                                                                          PID:3488
                                                                          • C:\Windows\system32\net1.exe
                                                                            C:\Windows\system32\net1 stop "WinDefend"
                                                                            4⤵
                                                                              PID:1504
                                                                          • C:\Windows\system32\taskkill.exe
                                                                            taskkill /f /t /im "MSASCui.exe"
                                                                            3⤵
                                                                            • Kills process with taskkill
                                                                            • Suspicious use of AdjustPrivilegeToken
                                                                            PID:5004
                                                                          • C:\Windows\system32\net.exe
                                                                            net stop "security center"
                                                                            3⤵
                                                                              PID:4176
                                                                              • C:\Windows\system32\net1.exe
                                                                                C:\Windows\system32\net1 stop "security center"
                                                                                4⤵
                                                                                  PID:5312
                                                                              • C:\Windows\system32\net.exe
                                                                                net stop sharedaccess
                                                                                3⤵
                                                                                  PID:5292
                                                                                  • C:\Windows\system32\net1.exe
                                                                                    C:\Windows\system32\net1 stop sharedaccess
                                                                                    4⤵
                                                                                      PID:5216
                                                                                  • C:\Windows\system32\netsh.exe
                                                                                    netsh firewall set opmode mode-disable
                                                                                    3⤵
                                                                                    • Modifies Windows Firewall
                                                                                    • Event Triggered Execution: Netsh Helper DLL
                                                                                    PID:4464
                                                                                  • C:\Windows\system32\net.exe
                                                                                    net stop "wuauserv"
                                                                                    3⤵
                                                                                      PID:5336
                                                                                      • C:\Windows\system32\net1.exe
                                                                                        C:\Windows\system32\net1 stop "wuauserv"
                                                                                        4⤵
                                                                                          PID:5232
                                                                                      • C:\Windows\system32\cmd.exe
                                                                                        C:\Windows\system32\cmd.exe /S /D /c" echo tasklist "
                                                                                        3⤵
                                                                                          PID:5368
                                                                                        • C:\Windows\system32\find.exe
                                                                                          find /I "L0Lz"
                                                                                          3⤵
                                                                                            PID:5504
                                                                                          • C:\Windows\system32\xcopy.exe
                                                                                            XCOPY "BitcoinMiner.bat" "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
                                                                                            3⤵
                                                                                            • Drops startup file
                                                                                            PID:1508
                                                                                          • C:\Windows\system32\xcopy.exe
                                                                                            XCOPY "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BitcoinMiner.bat"
                                                                                            3⤵
                                                                                              PID:5760
                                                                                            • C:\Windows\system32\xcopy.exe
                                                                                              XCOPY "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BitcoinMiner.bat"
                                                                                              3⤵
                                                                                                PID:5776
                                                                                              • C:\Windows\system32\xcopy.exe
                                                                                                XCOPY "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BitcoinMiner.bat"
                                                                                                3⤵
                                                                                                  PID:5868
                                                                                                • C:\Windows\system32\xcopy.exe
                                                                                                  XCOPY "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BitcoinMiner.bat"
                                                                                                  3⤵
                                                                                                    PID:1836
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6856 /prefetch:1
                                                                                                  2⤵
                                                                                                    PID:5132
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6172 /prefetch:8
                                                                                                    2⤵
                                                                                                      PID:1428
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5916 /prefetch:8
                                                                                                      2⤵
                                                                                                      • Suspicious behavior: EnumeratesProcesses
                                                                                                      PID:2948
                                                                                                    • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                      "C:\Users\Admin\Downloads\MEMZ.exe"
                                                                                                      2⤵
                                                                                                      • Checks computer location settings
                                                                                                      • Executes dropped EXE
                                                                                                      PID:1772
                                                                                                      • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                        "C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
                                                                                                        3⤵
                                                                                                        • Executes dropped EXE
                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                        PID:5256
                                                                                                      • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                        "C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
                                                                                                        3⤵
                                                                                                        • Executes dropped EXE
                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                        PID:5268
                                                                                                      • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                        "C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
                                                                                                        3⤵
                                                                                                        • Executes dropped EXE
                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                        PID:5284
                                                                                                      • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                        "C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
                                                                                                        3⤵
                                                                                                        • Executes dropped EXE
                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                        PID:4464
                                                                                                      • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                        "C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
                                                                                                        3⤵
                                                                                                        • Executes dropped EXE
                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                        PID:2460
                                                                                                      • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                        "C:\Users\Admin\Downloads\MEMZ.exe" /main
                                                                                                        3⤵
                                                                                                        • Checks computer location settings
                                                                                                        • Executes dropped EXE
                                                                                                        • Writes to the Master Boot Record (MBR)
                                                                                                        • Modifies registry class
                                                                                                        • Suspicious use of SetWindowsHookEx
                                                                                                        PID:1084
                                                                                                        • C:\Windows\SysWOW64\notepad.exe
                                                                                                          "C:\Windows\System32\notepad.exe" \note.txt
                                                                                                          4⤵
                                                                                                            PID:5336
                                                                                                          • C:\Windows\SysWOW64\mmc.exe
                                                                                                            "C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"
                                                                                                            4⤵
                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                            PID:6064
                                                                                                            • C:\Windows\system32\mmc.exe
                                                                                                              "C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"
                                                                                                              5⤵
                                                                                                              • Drops file in System32 directory
                                                                                                              • Drops file in Windows directory
                                                                                                              • Checks SCSI registry key(s)
                                                                                                              • Suspicious behavior: GetForegroundWindowSpam
                                                                                                              • Suspicious use of AdjustPrivilegeToken
                                                                                                              • Suspicious use of SetWindowsHookEx
                                                                                                              PID:3924
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus+builder+legit+free+download
                                                                                                            4⤵
                                                                                                              PID:2380
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9ea8746f8,0x7ff9ea874708,0x7ff9ea874718
                                                                                                                5⤵
                                                                                                                  PID:5528
                                                                                                              • C:\Windows\SysWOW64\notepad.exe
                                                                                                                "C:\Windows\System32\notepad.exe"
                                                                                                                4⤵
                                                                                                                  PID:3224
                                                                                                                • C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
                                                                                                                  "C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"
                                                                                                                  4⤵
                                                                                                                  • Suspicious use of SetWindowsHookEx
                                                                                                                  PID:3320
                                                                                                                  • C:\Windows\splwow64.exe
                                                                                                                    C:\Windows\splwow64.exe 12288
                                                                                                                    5⤵
                                                                                                                      PID:4580
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=dank+memz
                                                                                                                    4⤵
                                                                                                                    • Enumerates system info in registry
                                                                                                                    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                    • Suspicious use of SendNotifyMessage
                                                                                                                    PID:6064
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9ea8746f8,0x7ff9ea874708,0x7ff9ea874718
                                                                                                                      5⤵
                                                                                                                        PID:3984
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2212,12585290750799552675,17022537035399366937,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2216 /prefetch:2
                                                                                                                        5⤵
                                                                                                                          PID:5848
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2212,12585290750799552675,17022537035399366937,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3
                                                                                                                          5⤵
                                                                                                                            PID:1356
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2212,12585290750799552675,17022537035399366937,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2924 /prefetch:8
                                                                                                                            5⤵
                                                                                                                              PID:6056
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,12585290750799552675,17022537035399366937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
                                                                                                                              5⤵
                                                                                                                                PID:3148
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,12585290750799552675,17022537035399366937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
                                                                                                                                5⤵
                                                                                                                                  PID:4900
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,12585290750799552675,17022537035399366937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1
                                                                                                                                  5⤵
                                                                                                                                    PID:6008
                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,12585290750799552675,17022537035399366937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5184 /prefetch:1
                                                                                                                                    5⤵
                                                                                                                                      PID:2900
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2212,12585290750799552675,17022537035399366937,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3628 /prefetch:8
                                                                                                                                      5⤵
                                                                                                                                        PID:4584
                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2212,12585290750799552675,17022537035399366937,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3628 /prefetch:8
                                                                                                                                        5⤵
                                                                                                                                          PID:4208
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,12585290750799552675,17022537035399366937,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1
                                                                                                                                          5⤵
                                                                                                                                            PID:4524
                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,12585290750799552675,17022537035399366937,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:1
                                                                                                                                            5⤵
                                                                                                                                              PID:3852
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,12585290750799552675,17022537035399366937,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3496 /prefetch:1
                                                                                                                                              5⤵
                                                                                                                                                PID:3652
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=skrillex+scay+onster+an+nice+sprites+midi
                                                                                                                                              4⤵
                                                                                                                                              • Enumerates system info in registry
                                                                                                                                              • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                                              PID:2268
                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9ea8746f8,0x7ff9ea874708,0x7ff9ea874718
                                                                                                                                                5⤵
                                                                                                                                                  PID:5296
                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,5544846575866615089,2500805344595052612,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2192 /prefetch:2
                                                                                                                                                  5⤵
                                                                                                                                                    PID:700
                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2184,5544846575866615089,2500805344595052612,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3
                                                                                                                                                    5⤵
                                                                                                                                                      PID:3968
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2184,5544846575866615089,2500805344595052612,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2904 /prefetch:8
                                                                                                                                                      5⤵
                                                                                                                                                        PID:5712
                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,5544846575866615089,2500805344595052612,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
                                                                                                                                                        5⤵
                                                                                                                                                          PID:4004
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,5544846575866615089,2500805344595052612,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
                                                                                                                                                          5⤵
                                                                                                                                                            PID:5352
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,5544846575866615089,2500805344595052612,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4948 /prefetch:1
                                                                                                                                                            5⤵
                                                                                                                                                              PID:2400
                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,5544846575866615089,2500805344595052612,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
                                                                                                                                                              5⤵
                                                                                                                                                                PID:5464
                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,5544846575866615089,2500805344595052612,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3620 /prefetch:8
                                                                                                                                                                5⤵
                                                                                                                                                                  PID:552
                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,5544846575866615089,2500805344595052612,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3620 /prefetch:8
                                                                                                                                                                  5⤵
                                                                                                                                                                    PID:4312
                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus+builder+legit+free+download
                                                                                                                                                                  4⤵
                                                                                                                                                                  • Enumerates system info in registry
                                                                                                                                                                  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                                                                  PID:5468
                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9ea8746f8,0x7ff9ea874708,0x7ff9ea874718
                                                                                                                                                                    5⤵
                                                                                                                                                                      PID:5544
                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,12719030033740563349,14506484218544399053,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
                                                                                                                                                                      5⤵
                                                                                                                                                                        PID:2828
                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,12719030033740563349,14506484218544399053,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2408 /prefetch:3
                                                                                                                                                                        5⤵
                                                                                                                                                                          PID:776
                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,12719030033740563349,14506484218544399053,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3004 /prefetch:8
                                                                                                                                                                          5⤵
                                                                                                                                                                            PID:4428
                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,12719030033740563349,14506484218544399053,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
                                                                                                                                                                            5⤵
                                                                                                                                                                              PID:4492
                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,12719030033740563349,14506484218544399053,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
                                                                                                                                                                              5⤵
                                                                                                                                                                                PID:2928
                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,12719030033740563349,14506484218544399053,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
                                                                                                                                                                                5⤵
                                                                                                                                                                                  PID:2084
                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,12719030033740563349,14506484218544399053,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
                                                                                                                                                                                  5⤵
                                                                                                                                                                                    PID:1776
                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,12719030033740563349,14506484218544399053,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3560 /prefetch:8
                                                                                                                                                                                    5⤵
                                                                                                                                                                                      PID:2780
                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,12719030033740563349,14506484218544399053,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3560 /prefetch:8
                                                                                                                                                                                      5⤵
                                                                                                                                                                                        PID:1072
                                                                                                                                                                                    • C:\Windows\SysWOW64\notepad.exe
                                                                                                                                                                                      "C:\Windows\System32\notepad.exe"
                                                                                                                                                                                      4⤵
                                                                                                                                                                                        PID:4936
                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=dank+memz
                                                                                                                                                                                        4⤵
                                                                                                                                                                                        • Enumerates system info in registry
                                                                                                                                                                                        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                                                                                        PID:1208
                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9ea8746f8,0x7ff9ea874708,0x7ff9ea874718
                                                                                                                                                                                          5⤵
                                                                                                                                                                                            PID:4068
                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2196,7474279250453382613,1658386019244209046,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2208 /prefetch:2
                                                                                                                                                                                            5⤵
                                                                                                                                                                                              PID:3212
                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2196,7474279250453382613,1658386019244209046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
                                                                                                                                                                                              5⤵
                                                                                                                                                                                                PID:5356
                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2196,7474279250453382613,1658386019244209046,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8
                                                                                                                                                                                                5⤵
                                                                                                                                                                                                  PID:2964
                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,7474279250453382613,1658386019244209046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1
                                                                                                                                                                                                  5⤵
                                                                                                                                                                                                    PID:748
                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,7474279250453382613,1658386019244209046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
                                                                                                                                                                                                    5⤵
                                                                                                                                                                                                      PID:2308
                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,7474279250453382613,1658386019244209046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3016 /prefetch:1
                                                                                                                                                                                                      5⤵
                                                                                                                                                                                                        PID:1436
                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,7474279250453382613,1658386019244209046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
                                                                                                                                                                                                        5⤵
                                                                                                                                                                                                          PID:3428
                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2196,7474279250453382613,1658386019244209046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5384 /prefetch:8
                                                                                                                                                                                                          5⤵
                                                                                                                                                                                                            PID:4212
                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2196,7474279250453382613,1658386019244209046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5384 /prefetch:8
                                                                                                                                                                                                            5⤵
                                                                                                                                                                                                              PID:4536
                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,7474279250453382613,1658386019244209046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1
                                                                                                                                                                                                              5⤵
                                                                                                                                                                                                                PID:4540
                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,7474279250453382613,1658386019244209046,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1
                                                                                                                                                                                                                5⤵
                                                                                                                                                                                                                  PID:2828
                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=mcafee+vs+norton
                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                • Enumerates system info in registry
                                                                                                                                                                                                                • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                                                                                                                PID:1444
                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9ea8746f8,0x7ff9ea874708,0x7ff9ea874718
                                                                                                                                                                                                                  5⤵
                                                                                                                                                                                                                    PID:5812
                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2228,6775088228936262565,465503573087232348,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2252 /prefetch:2
                                                                                                                                                                                                                    5⤵
                                                                                                                                                                                                                      PID:5344
                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2228,6775088228936262565,465503573087232348,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 /prefetch:3
                                                                                                                                                                                                                      5⤵
                                                                                                                                                                                                                        PID:1500
                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2228,6775088228936262565,465503573087232348,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2644 /prefetch:8
                                                                                                                                                                                                                        5⤵
                                                                                                                                                                                                                          PID:5956
                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,6775088228936262565,465503573087232348,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
                                                                                                                                                                                                                          5⤵
                                                                                                                                                                                                                            PID:2604
                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,6775088228936262565,465503573087232348,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3496 /prefetch:1
                                                                                                                                                                                                                            5⤵
                                                                                                                                                                                                                              PID:3840
                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,6775088228936262565,465503573087232348,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
                                                                                                                                                                                                                              5⤵
                                                                                                                                                                                                                                PID:6088
                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,6775088228936262565,465503573087232348,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
                                                                                                                                                                                                                                5⤵
                                                                                                                                                                                                                                  PID:4928
                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2228,6775088228936262565,465503573087232348,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5368 /prefetch:8
                                                                                                                                                                                                                                  5⤵
                                                                                                                                                                                                                                    PID:216
                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2228,6775088228936262565,465503573087232348,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5368 /prefetch:8
                                                                                                                                                                                                                                    5⤵
                                                                                                                                                                                                                                      PID:5912
                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp
                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                    • Enumerates system info in registry
                                                                                                                                                                                                                                    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                                                                                                                                    PID:3236
                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff9ea8746f8,0x7ff9ea874708,0x7ff9ea874718
                                                                                                                                                                                                                                      5⤵
                                                                                                                                                                                                                                        PID:2716
                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2212,2711477584980998271,9897699017397520875,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2236 /prefetch:2
                                                                                                                                                                                                                                        5⤵
                                                                                                                                                                                                                                          PID:5752
                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2212,2711477584980998271,9897699017397520875,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 /prefetch:3
                                                                                                                                                                                                                                          5⤵
                                                                                                                                                                                                                                            PID:3024
                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2212,2711477584980998271,9897699017397520875,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2948 /prefetch:8
                                                                                                                                                                                                                                            5⤵
                                                                                                                                                                                                                                              PID:1332
                                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,2711477584980998271,9897699017397520875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1
                                                                                                                                                                                                                                              5⤵
                                                                                                                                                                                                                                                PID:4408
                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,2711477584980998271,9897699017397520875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:1
                                                                                                                                                                                                                                                5⤵
                                                                                                                                                                                                                                                  PID:6136
                                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,2711477584980998271,9897699017397520875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
                                                                                                                                                                                                                                                  5⤵
                                                                                                                                                                                                                                                    PID:536
                                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,2711477584980998271,9897699017397520875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
                                                                                                                                                                                                                                                    5⤵
                                                                                                                                                                                                                                                      PID:3956
                                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2212,2711477584980998271,9897699017397520875,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3820 /prefetch:8
                                                                                                                                                                                                                                                      5⤵
                                                                                                                                                                                                                                                        PID:2752
                                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2212,2711477584980998271,9897699017397520875,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3820 /prefetch:8
                                                                                                                                                                                                                                                        5⤵
                                                                                                                                                                                                                                                          PID:1956
                                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,2711477584980998271,9897699017397520875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3764 /prefetch:1
                                                                                                                                                                                                                                                          5⤵
                                                                                                                                                                                                                                                            PID:4728
                                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,2711477584980998271,9897699017397520875,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
                                                                                                                                                                                                                                                            5⤵
                                                                                                                                                                                                                                                              PID:5448
                                                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,2711477584980998271,9897699017397520875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
                                                                                                                                                                                                                                                              5⤵
                                                                                                                                                                                                                                                                PID:5640
                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,2711477584980998271,9897699017397520875,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
                                                                                                                                                                                                                                                                5⤵
                                                                                                                                                                                                                                                                  PID:5644
                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection
                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                • Enumerates system info in registry
                                                                                                                                                                                                                                                                • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                                                                                                                                                                PID:3252
                                                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9ea8746f8,0x7ff9ea874708,0x7ff9ea874718
                                                                                                                                                                                                                                                                  5⤵
                                                                                                                                                                                                                                                                    PID:4864
                                                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,16242251934371592583,1684663328787932207,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
                                                                                                                                                                                                                                                                    5⤵
                                                                                                                                                                                                                                                                      PID:1160
                                                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,16242251934371592583,1684663328787932207,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2484 /prefetch:3
                                                                                                                                                                                                                                                                      5⤵
                                                                                                                                                                                                                                                                        PID:3964
                                                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,16242251934371592583,1684663328787932207,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2892 /prefetch:8
                                                                                                                                                                                                                                                                        5⤵
                                                                                                                                                                                                                                                                          PID:3808
                                                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16242251934371592583,1684663328787932207,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
                                                                                                                                                                                                                                                                          5⤵
                                                                                                                                                                                                                                                                            PID:5336
                                                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16242251934371592583,1684663328787932207,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
                                                                                                                                                                                                                                                                            5⤵
                                                                                                                                                                                                                                                                              PID:1268
                                                                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16242251934371592583,1684663328787932207,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
                                                                                                                                                                                                                                                                              5⤵
                                                                                                                                                                                                                                                                                PID:5372
                                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16242251934371592583,1684663328787932207,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
                                                                                                                                                                                                                                                                                5⤵
                                                                                                                                                                                                                                                                                  PID:3796
                                                                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,16242251934371592583,1684663328787932207,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4480 /prefetch:8
                                                                                                                                                                                                                                                                                  5⤵
                                                                                                                                                                                                                                                                                    PID:4120
                                                                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,16242251934371592583,1684663328787932207,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4480 /prefetch:8
                                                                                                                                                                                                                                                                                    5⤵
                                                                                                                                                                                                                                                                                      PID:5584
                                                                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16242251934371592583,1684663328787932207,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4012 /prefetch:1
                                                                                                                                                                                                                                                                                      5⤵
                                                                                                                                                                                                                                                                                        PID:2440
                                                                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16242251934371592583,1684663328787932207,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
                                                                                                                                                                                                                                                                                        5⤵
                                                                                                                                                                                                                                                                                          PID:5996
                                                                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16242251934371592583,1684663328787932207,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
                                                                                                                                                                                                                                                                                          5⤵
                                                                                                                                                                                                                                                                                            PID:3496
                                                                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,16242251934371592583,1684663328787932207,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
                                                                                                                                                                                                                                                                                            5⤵
                                                                                                                                                                                                                                                                                              PID:1656
                                                                                                                                                                                                                                                                                          • C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
                                                                                                                                                                                                                                                                                            "C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"
                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                                                                                                            PID:5688
                                                                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+get+money
                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                            • Enumerates system info in registry
                                                                                                                                                                                                                                                                                            PID:4968
                                                                                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff9ea8746f8,0x7ff9ea874708,0x7ff9ea874718
                                                                                                                                                                                                                                                                                              5⤵
                                                                                                                                                                                                                                                                                                PID:4008
                                                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,11502825589408164731,16622095670821187948,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
                                                                                                                                                                                                                                                                                                5⤵
                                                                                                                                                                                                                                                                                                  PID:4032
                                                                                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,11502825589408164731,16622095670821187948,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2324 /prefetch:3
                                                                                                                                                                                                                                                                                                  5⤵
                                                                                                                                                                                                                                                                                                    PID:2648
                                                                                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,11502825589408164731,16622095670821187948,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
                                                                                                                                                                                                                                                                                                    5⤵
                                                                                                                                                                                                                                                                                                      PID:3744
                                                                                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,11502825589408164731,16622095670821187948,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
                                                                                                                                                                                                                                                                                                      5⤵
                                                                                                                                                                                                                                                                                                        PID:2612
                                                                                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,11502825589408164731,16622095670821187948,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1
                                                                                                                                                                                                                                                                                                        5⤵
                                                                                                                                                                                                                                                                                                          PID:5664
                                                                                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,11502825589408164731,16622095670821187948,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1
                                                                                                                                                                                                                                                                                                          5⤵
                                                                                                                                                                                                                                                                                                            PID:1128
                                                                                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,11502825589408164731,16622095670821187948,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:1
                                                                                                                                                                                                                                                                                                            5⤵
                                                                                                                                                                                                                                                                                                              PID:1852
                                                                                                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,11502825589408164731,16622095670821187948,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5320 /prefetch:8
                                                                                                                                                                                                                                                                                                              5⤵
                                                                                                                                                                                                                                                                                                                PID:5984
                                                                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,11502825589408164731,16622095670821187948,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5320 /prefetch:8
                                                                                                                                                                                                                                                                                                                5⤵
                                                                                                                                                                                                                                                                                                                  PID:5596
                                                                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=best+way+to+kill+yourself
                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                • Enumerates system info in registry
                                                                                                                                                                                                                                                                                                                PID:4280
                                                                                                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9ea8746f8,0x7ff9ea874708,0x7ff9ea874718
                                                                                                                                                                                                                                                                                                                  5⤵
                                                                                                                                                                                                                                                                                                                    PID:2356
                                                                                                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,2417182331565342937,8628998256648958962,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2216 /prefetch:2
                                                                                                                                                                                                                                                                                                                    5⤵
                                                                                                                                                                                                                                                                                                                      PID:4268
                                                                                                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,2417182331565342937,8628998256648958962,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
                                                                                                                                                                                                                                                                                                                      5⤵
                                                                                                                                                                                                                                                                                                                        PID:1904
                                                                                                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2176,2417182331565342937,8628998256648958962,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8
                                                                                                                                                                                                                                                                                                                        5⤵
                                                                                                                                                                                                                                                                                                                          PID:4976
                                                                                                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2417182331565342937,8628998256648958962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
                                                                                                                                                                                                                                                                                                                          5⤵
                                                                                                                                                                                                                                                                                                                            PID:400
                                                                                                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2417182331565342937,8628998256648958962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
                                                                                                                                                                                                                                                                                                                            5⤵
                                                                                                                                                                                                                                                                                                                              PID:5908
                                                                                                                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2417182331565342937,8628998256648958962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
                                                                                                                                                                                                                                                                                                                              5⤵
                                                                                                                                                                                                                                                                                                                                PID:5328
                                                                                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2417182331565342937,8628998256648958962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
                                                                                                                                                                                                                                                                                                                                5⤵
                                                                                                                                                                                                                                                                                                                                  PID:692
                                                                                                                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,2417182331565342937,8628998256648958962,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5312 /prefetch:8
                                                                                                                                                                                                                                                                                                                                  5⤵
                                                                                                                                                                                                                                                                                                                                    PID:664
                                                                                                                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,2417182331565342937,8628998256648958962,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5312 /prefetch:8
                                                                                                                                                                                                                                                                                                                                    5⤵
                                                                                                                                                                                                                                                                                                                                      PID:5324
                                                                                                                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2417182331565342937,8628998256648958962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
                                                                                                                                                                                                                                                                                                                                      5⤵
                                                                                                                                                                                                                                                                                                                                        PID:1264
                                                                                                                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2417182331565342937,8628998256648958962,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
                                                                                                                                                                                                                                                                                                                                        5⤵
                                                                                                                                                                                                                                                                                                                                          PID:320
                                                                                                                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2417182331565342937,8628998256648958962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
                                                                                                                                                                                                                                                                                                                                          5⤵
                                                                                                                                                                                                                                                                                                                                            PID:4128
                                                                                                                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2417182331565342937,8628998256648958962,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
                                                                                                                                                                                                                                                                                                                                            5⤵
                                                                                                                                                                                                                                                                                                                                              PID:3520
                                                                                                                                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2417182331565342937,8628998256648958962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3680 /prefetch:1
                                                                                                                                                                                                                                                                                                                                              5⤵
                                                                                                                                                                                                                                                                                                                                                PID:4064
                                                                                                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2417182331565342937,8628998256648958962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
                                                                                                                                                                                                                                                                                                                                                5⤵
                                                                                                                                                                                                                                                                                                                                                  PID:1636
                                                                                                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+download+memz
                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                  PID:4872
                                                                                                                                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9ea8746f8,0x7ff9ea874708,0x7ff9ea874718
                                                                                                                                                                                                                                                                                                                                                    5⤵
                                                                                                                                                                                                                                                                                                                                                      PID:2728
                                                                                                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1
                                                                                                                                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                                                                                                                                  PID:5404
                                                                                                                                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
                                                                                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                                                                                    PID:5696
                                                                                                                                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16752373910733743004,8662561528997695815,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7080 /prefetch:1
                                                                                                                                                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                                                                                                                                                      PID:4920
                                                                                                                                                                                                                                                                                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                                                                                                                                                                      PID:1500
                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                      1⤵
                                                                                                                                                                                                                                                                                                                                                        PID:400
                                                                                                                                                                                                                                                                                                                                                      • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
                                                                                                                                                                                                                                                                                                                                                        "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /Automation -Embedding
                                                                                                                                                                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                                                                                                                                                                        • Checks processor information in registry
                                                                                                                                                                                                                                                                                                                                                        • Enumerates system info in registry
                                                                                                                                                                                                                                                                                                                                                        • NTFS ADS
                                                                                                                                                                                                                                                                                                                                                        • Suspicious behavior: AddClipboardFormatListener
                                                                                                                                                                                                                                                                                                                                                        • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                                                                                                                                                                        PID:1936
                                                                                                                                                                                                                                                                                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe"
                                                                                                                                                                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                                                                                                                                                                          PID:4100
                                                                                                                                                                                                                                                                                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe"
                                                                                                                                                                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                                                                                                                                                                            • Checks processor information in registry
                                                                                                                                                                                                                                                                                                                                                            • Modifies registry class
                                                                                                                                                                                                                                                                                                                                                            • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                                                                                                                                                                            • Suspicious use of FindShellTrayWindow
                                                                                                                                                                                                                                                                                                                                                            • Suspicious use of SendNotifyMessage
                                                                                                                                                                                                                                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                                                                                                                                                                            PID:4240
                                                                                                                                                                                                                                                                                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2032 -parentBuildID 20240401114208 -prefsHandle 1964 -prefMapHandle 1960 -prefsLen 25753 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3a491b66-cb85-4f6b-af32-86f9398ffcb8} 4240 "\\.\pipe\gecko-crash-server-pipe.4240" gpu
                                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                                PID:2268
                                                                                                                                                                                                                                                                                                                                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2448 -parentBuildID 20240401114208 -prefsHandle 2424 -prefMapHandle 2420 -prefsLen 25789 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {534a0d71-b1ff-4602-b158-67e02811f793} 4240 "\\.\pipe\gecko-crash-server-pipe.4240" socket
                                                                                                                                                                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                                                                                                                                                                • Checks processor information in registry
                                                                                                                                                                                                                                                                                                                                                                PID:2732
                                                                                                                                                                                                                                                                                                                                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3180 -childID 1 -isForBrowser -prefsHandle 3172 -prefMapHandle 3168 -prefsLen 25930 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f44232d6-6ce3-4917-bfd1-4dc4ba684f7d} 4240 "\\.\pipe\gecko-crash-server-pipe.4240" tab
                                                                                                                                                                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                                                                                                                                                                  PID:3580
                                                                                                                                                                                                                                                                                                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3336 -childID 2 -isForBrowser -prefsHandle 3540 -prefMapHandle 3684 -prefsLen 31163 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8052ca2c-d26d-451f-b0e2-c5d0592b16cc} 4240 "\\.\pipe\gecko-crash-server-pipe.4240" tab
                                                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                                                    PID:4444
                                                                                                                                                                                                                                                                                                                                                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4760 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4788 -prefMapHandle 4784 -prefsLen 31163 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6f3262cf-dbec-47f7-bbc1-7b2c7ca8839b} 4240 "\\.\pipe\gecko-crash-server-pipe.4240" utility
                                                                                                                                                                                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                                                                                                                                                                                    • Checks processor information in registry
                                                                                                                                                                                                                                                                                                                                                                    PID:5388
                                                                                                                                                                                                                                                                                                                                                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5352 -childID 3 -isForBrowser -prefsHandle 5336 -prefMapHandle 5328 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ae37aa0f-5b08-4750-ad07-c4807f134b5e} 4240 "\\.\pipe\gecko-crash-server-pipe.4240" tab
                                                                                                                                                                                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                                                                                                                                                                                      PID:5860
                                                                                                                                                                                                                                                                                                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5544 -childID 4 -isForBrowser -prefsHandle 5624 -prefMapHandle 5620 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6adee518-225c-44f1-bca2-63029c434d32} 4240 "\\.\pipe\gecko-crash-server-pipe.4240" tab
                                                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                                                        PID:5872
                                                                                                                                                                                                                                                                                                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5764 -childID 5 -isForBrowser -prefsHandle 5528 -prefMapHandle 5532 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1268 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c86cdd15-6fc3-4827-afc9-6ebafc3ef5ff} 4240 "\\.\pipe\gecko-crash-server-pipe.4240" tab
                                                                                                                                                                                                                                                                                                                                                                        3⤵
                                                                                                                                                                                                                                                                                                                                                                          PID:5884
                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\System32\rundll32.exe
                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                                                                                                                                                                                                                                                                                                                      1⤵
                                                                                                                                                                                                                                                                                                                                                                        PID:5552
                                                                                                                                                                                                                                                                                                                                                                      • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                        C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\Guard.bat" "
                                                                                                                                                                                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                                                                                                                                                                                          PID:4040
                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\BitcoinMiner.bat" "
                                                                                                                                                                                                                                                                                                                                                                          1⤵
                                                                                                                                                                                                                                                                                                                                                                            PID:3120
                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                              Reg Add "" /v "BSOD" /t "REG_SZ" /d "C:\Users\Admin\Downloads\L0Lz.bat" /f
                                                                                                                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                                                                                                                PID:5840
                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\Guard.bat" "
                                                                                                                                                                                                                                                                                                                                                                              1⤵
                                                                                                                                                                                                                                                                                                                                                                                PID:3752
                                                                                                                                                                                                                                                                                                                                                                              • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\Guard.bat" "
                                                                                                                                                                                                                                                                                                                                                                                1⤵
                                                                                                                                                                                                                                                                                                                                                                                  PID:5468
                                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\Guard.bat" "
                                                                                                                                                                                                                                                                                                                                                                                  1⤵
                                                                                                                                                                                                                                                                                                                                                                                    PID:5148
                                                                                                                                                                                                                                                                                                                                                                                  • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                    C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\Guard.bat" "
                                                                                                                                                                                                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                                                                                                                                                                                                      PID:316
                                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\BitcoinMiner.bat" "
                                                                                                                                                                                                                                                                                                                                                                                      1⤵
                                                                                                                                                                                                                                                                                                                                                                                        PID:2936
                                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                          Reg Add "" /v "BSOD" /t "REG_SZ" /d "C:\Users\Admin\Downloads\L0Lz.bat" /f
                                                                                                                                                                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                                                                                                                                                                            PID:1072
                                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\BitcoinMiner.bat" "
                                                                                                                                                                                                                                                                                                                                                                                          1⤵
                                                                                                                                                                                                                                                                                                                                                                                            PID:2900
                                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                              Reg Add "" /v "BSOD" /t "REG_SZ" /d "C:\Users\Admin\Downloads\L0Lz.bat" /f
                                                                                                                                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                                                                                                                                PID:2960
                                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\BitcoinMiner.bat" "
                                                                                                                                                                                                                                                                                                                                                                                              1⤵
                                                                                                                                                                                                                                                                                                                                                                                                PID:752
                                                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\reg.exe
                                                                                                                                                                                                                                                                                                                                                                                                  Reg Add "" /v "BSOD" /t "REG_SZ" /d "C:\Users\Admin\Downloads\L0Lz.bat" /f
                                                                                                                                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                                                                                                                                    PID:5732
                                                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\system32\svchost.exe
                                                                                                                                                                                                                                                                                                                                                                                                  C:\Windows\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc
                                                                                                                                                                                                                                                                                                                                                                                                  1⤵
                                                                                                                                                                                                                                                                                                                                                                                                    PID:4448
                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Windows\system32\AUDIODG.EXE
                                                                                                                                                                                                                                                                                                                                                                                                    C:\Windows\system32\AUDIODG.EXE 0x404 0x2f4
                                                                                                                                                                                                                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                                                                                                                                                                                                                    • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                                                                                                                                                                                                                    PID:1612
                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                                                                                                                                                                                                                      PID:5604
                                                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                      1⤵
                                                                                                                                                                                                                                                                                                                                                                                                        PID:5672
                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                                                                                                                                                                                                                          PID:4148
                                                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                          1⤵
                                                                                                                                                                                                                                                                                                                                                                                                            PID:2872
                                                                                                                                                                                                                                                                                                                                                                                                          • C:\Windows\system32\svchost.exe
                                                                                                                                                                                                                                                                                                                                                                                                            C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
                                                                                                                                                                                                                                                                                                                                                                                                            1⤵
                                                                                                                                                                                                                                                                                                                                                                                                            • Drops desktop.ini file(s)
                                                                                                                                                                                                                                                                                                                                                                                                            • Checks processor information in registry
                                                                                                                                                                                                                                                                                                                                                                                                            • Modifies registry class
                                                                                                                                                                                                                                                                                                                                                                                                            PID:332
                                                                                                                                                                                                                                                                                                                                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                            1⤵
                                                                                                                                                                                                                                                                                                                                                                                                              PID:3196
                                                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                              1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                PID:4816
                                                                                                                                                                                                                                                                                                                                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                                1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                  PID:1500
                                                                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                                  1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                    PID:3100
                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                      PID:4992
                                                                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                                      1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                        PID:692
                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                          PID:5920
                                                                                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                                          1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                            PID:4628
                                                                                                                                                                                                                                                                                                                                                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                                            1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                              PID:4816
                                                                                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                                              1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                PID:5480
                                                                                                                                                                                                                                                                                                                                                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                                                1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:2324
                                                                                                                                                                                                                                                                                                                                                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                                                  1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:3264
                                                                                                                                                                                                                                                                                                                                                                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:4372
                                                                                                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                                                                      1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:4980

                                                                                                                                                                                                                                                                                                                                                                                                                                      Network

                                                                                                                                                                                                                                                                                                                                                                                                                                      MITRE ATT&CK Enterprise v15

                                                                                                                                                                                                                                                                                                                                                                                                                                      Replay Monitor

                                                                                                                                                                                                                                                                                                                                                                                                                                      Loading Replay Monitor...

                                                                                                                                                                                                                                                                                                                                                                                                                                      Downloads

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_CBDCCBFE4F7A916411C1E69BDD97BB04
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        471B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        7d91fb308993cf42404618bdc67ce7c9

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        8172dff9b4a2d9ca6914bb6791c20f2dd63022ad

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        92dc48b8ab56e2c17ef0e23e56b5754ac87961be32c880cd5399153adea86f1e

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        3926850bf4e7f41915bb87ce3c89a980c15080ebc5a64fcbf25b7acbdf53957c3bd938b4cb26d77ed57c86b7e90ef6187e3745e06cac74191662d1881726d9e0

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_CBDCCBFE4F7A916411C1E69BDD97BB04
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        412B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        2e04a184478804394a782324fd06a1cf

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        49ddca43ee2825698994c4c8a80f4da38028e7a1

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        ee3f049159d85015223a759cf09faeb65d9a72e8e9d6312b9cd79c6f9e0db296

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        ac163df5c1b0580f87164ba17d958664ddb4348fdc4bffc5aacdf75236ea505814cbe4a1e4c80137f5718485a619cfe68dc4d44114c7bb28373aabd205ba1845

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        152B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        bafce9e4c53a0cb85310891b6b21791b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        5d70027cc137a7cbb38f5801b15fd97b05e89ee2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        71fb546b5d2210a56e90b448ee10120cd92c518c8f79fb960f01b918f89f2b00

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        c0e4d3eccc0135ac92051539a18f64b8b8628cfe74e5b019d4f8e1dcbb51a9b49c486a1523885fe6be53da7118c013852e753c26a5490538c1e721fd0188836c

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        152B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        b66734c1052c4f66e725054b3a65ed57

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        3ff026122101dc4a83dd16cff73576b5c2fdc8a3

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        17810d2752553f0c387cb0c50b4c625e27fec48d73e9c7934d7b8d100ccd0b9d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        3bcbde3bd581d7842de895e846d35a0cc84894e3d460fbf26565cf63d9634f14ab913e41885fac7f41e5350ca0874bdbc544992c5575b54ae93d627968c194b1

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        152B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        71cc8f1ffa3ce377aa9290a9e045e85c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        cbb8b2add39ccb2b1392be3575adb44ef7d1eb4b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        6dd2af9f4c30b89420e33d60ae2aebed5115aa51149192125eaf7f2b1863093d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        2336169c7738a3a5589660dcc1543df7ea431097165ef39a782f4d42a864b4629dd82be840c20ff2b689044bf019a4879ee5f1cd4ffb233861220544a2dc2e3c

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        152B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        3c31db44fab277276818e2ce983fdaff

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        ef2507946ad4360dffbde0ce03046256f42e93d3

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        42bd7851241c129e611371784f1795d37ad467fae717c1afc3db4e5ed8e286b1

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        5826c0a50b0a3c5d3877a22df9c8e94d3b20fb5adb31ecdc7309249fb8c0aa0c6e2712913a49718dde532500902dea65d87c0095d7da4d4f73750db9dd2b9784

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        152B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        9137f74fed52151b3a17dd1df3511da7

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        28446cf566b93f8d5c7f7ee4bbf1ae1039d636c0

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        e0fd8c0d9bfecbc71cbcc160ca438f6b0177d285b2584573e2bb5dc9d829bcd1

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        76b3b2ab1357355a24c097a290de78ae5ccc1f2140f65079f050ed9c3cfb8ea71906b8e1aca8e98db8445b7516c7a49ba6c86dca5539eaebf439e6d1a20385e0

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        152B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        cdd02feba79c79839b2ee93807d59ee6

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        a338a62ab4678edd83f16d87480e953db08025e1

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        013f6b417f6925aea099265a5157799bf2104346a30c564f3daab7231ecda0fc

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        39a90cca78c78af191948b9209fe89fa6e3683c2c3c7e8c3bb2c2644d066636c6851a85aaada85095580f49d5cbc7b03e45e86bcb4c9b649267e268340b9ea34

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        152B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        0fe962b1688195dcdd104d3a0b41be30

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        c150a1d7c3640f1d56cd1a4896b2e694261cddba

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        b2a01d0ae7c249bb512519259d2889a25862a6a23b7fa2df99ef58118d55c843

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        f7a29a8986fad57958b45f692a1141767a13c8e7b8659af92ba24ca44f51959fbb08348fab786a4891cef47f5f6e8ec7c1b0eb2bc3bb77b32c62210fbc354669

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        152B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        a3cbf11ce79f0e28d24f3b9810e5e675

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        8c161072f66094990604aee26aa73c16ef5e83ee

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        bb1ee6b8022fd05342888007d3e37bffcc64bdf7b687cce61d48668b039ee59f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        2076242700da0acf2b468f44be81b858d771b977d1f002c0986ed4154813ef50f39626969fa81deb66c2f417f61092bedf717299d6e4d83c7cdb93a5219a3445

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        152B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        f1d2a70a7148a4f5777dde01dd6ea7cb

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        bc5e97f2c60f955ceb21022b054a0f463b032182

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        0bd82f1154456f87701c93911cb6697629991be477348292915eedefaad8f00b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        00da0d05c96270e6d6150febec8cca862038b03a1a04d49e547217131cee29d279942f1d43f55cdf47f125fe6b10ce4657fef51b19ce93046e8e42eaa4c480ca

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        152B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        bad702965fee2b9dc12b315a7375ac4f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        12cb892f5b4440ad9858419e0c1e4cb8517088d2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        6ae225f2ceee9d254aaa4626aec81de87f16e25206766c96fd4dbf729427d0ee

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        85336b809809e38c1e4534c575f15564894d4682c3c2341eae525857010fc2f2f17377489186cbb4824a10f724e63d5765e1a5f7be00fa235bfb5d53ed84f5a5

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        152B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        a499254d6b5d91f97eb7a86e5f8ca573

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        03dbfebfec8c94a9c06f9b0cd81ebe0a2b8be3d1

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        fb87b758c2b98989df851380293ff6786cb9a5cf2b3a384cec70d9f3eb064499

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        d7adcc76d0470bcd68d7644de3c8d2b6d61df8485979a4752ceea3df4d85bd1c290f72b3d8d5c8d639d5a10afa48d80e457f76b44dd8107ac97eb80fd98c7b0c

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\07eb935d-782f-4b72-b2ef-a256a5affc10.tmp
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        7KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        40f237c8c9e8886b5d83896f8e408f79

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        aad3aac265f5404396d0a38d0d0adc648adaa71f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        73e3c4a2a9c3fd0228dc18c84fa35cce8f34ddd59fbd6faf9b7b129103c8fd08

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        6138836f2ee5870afb70a9c108f38bc82fc7b7b9f289b6396ad12698b7379df903267977d2a2e685c8b9ba622ed9aabd9f7125afc2a112337d13adb450dbeae1

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\0b1e4faf-54e3-45ca-a91b-fe3c7e0cc604.tmp
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        5058f1af8388633f609cadb75a75dc9d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        3a52ce780950d4d969792a2559cd519d7ee8c727

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        44KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        b6ac4d0aedc221934c2ac40853313cdc

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        e21d7a73e424bf5bebcc4130afe517dde9f882ca

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        f928661e55b2bf1572f9f4732c7e1e3ace00f296aac2e1ed044fef0458abfe61

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        883a44b843b22cc6bcc4ca2915b09d24cbdcb71821dd10646e8695dd8f71f4c50db4af5c7756209d834af4a0e41db79b724f3a3286b18755a135f53df9f94fb4

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        211KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        151fb811968eaf8efb840908b89dc9d4

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        7ec811009fd9b0e6d92d12d78b002275f2f1bee1

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        7b85511e25a684042f02551441c0766a

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        8ce2de839d14829984e40a0229d9b76273c0f835

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        beaca9a50e5d8ed850d3147bc22fad7a3ac85663b08a96c0beca22215ac81131

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        85eb48de7863af0046dfcbdfa9f6d34f9d0f9e1db32bbec3755a8ffdef34879487ef1e6ad0381e8448d02ed1a1afcad32ca0035e025c7905bc828914e9f857cd

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        74d0c363835d8d7aebf7addcce2bb06a

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        7c766e80ba0354cbb594535f7c9a1b9b7a122792

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        20352b7ad6e54c6f883c14519f27804d0b0a0cebaaa7084932a78f7ef96098ed

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        3ae46b49bcbf969fd638e4d7953468c0bfbbcbdb7134607c59daf434cd5f356bac36ccc40a0618d1ccb6e0fdde7525fa0d891146dc6d535e8a7712f10b880372

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        96d0cbfb8bb4e3249c9c0123344f7c77

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        23c0460231721a9fa8272da12b13b4304f858b96

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        714a549ce3b040b660086832750a5accd1de6ec4a41c70e9fb075504601a0cd2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        f9f299b2a41966f93ddf0e1129cf688afda586951cdc1d21ea3b5cd931c18b9b1f782fb5e52dff721eb707c6c7bbb1b78bffe5a32f29711c2835014de1a10e0f

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        7837ca237e852b4297998f989d823efd

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        298bff078fa66833ec5aaff959e628b36d253383

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        ab865ede20a7fe22d0d1138db4589a8369ef6ff77d33480608541f07fc67b48d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        a20473a1b7b3726b0f9581e0de5dc355f3a0677a7d2c9b1f0c4404b0f8164a871a960683c68e4dd9579287cbc1ecdd992fb1ad6659668bb42945af4d643de048

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        bc401f0c76a54e7c467f4c04ddcee448

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        8874fbe3e9ce87b1a29be401c04ce3448d970b7c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        0c9194dcf493392a355b632f3c7190425420570543e055f557222297b1436335

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        a73f81fdde0cc0f33038e1037aa722076a47718c32a4daf78579fcca6bd665d88b7ed0353b107f44255240bbc89b58a98619b76c522726e1cbaa2eb8831d08e7

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        0bb6579bf8ed9ef52dfe5619ad8f4c13

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        49eed3df3c12ffe396801cc507b888dfd3878d4f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        120daf8d37e52e9b7f2b909059e6fb5072122b4da58421aa95a11664e9469a31

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        66628d7a23e1ca1cf199f3b732441e5fbf3ea15c77b972b14e3e7a96f3057b8d618aba0e8b7590528951036b69a48a9d3aacf86dcde455902dc1460f48cd1f54

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        607e65f9d9d8d27ddad40951ab5baa67

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        7fb00ad194fbe29bf9c063d4f22544f8217bcbbd

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        63925971f93c61cb32d4bb67e435947c2b798a2a785d3ceeaf9bfeac0d614605

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        9651847dd23830c6534dd312ce278b69b9ec5806db6098385cf63ab1cbf219b578171314664190a678d003ff5d5af4be81488621ef19aad3beea022ee7e4a5dd

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        2e4763af4b71212563df49ee79975f9f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        8efa610a9f1092bda8ebd4f21913fcbafdf033f1

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        585b80016f2a3f61170a16a29ab70157e8d38be66c761a1cac301ff02677c37e

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        677d6096c3d993825f406e94c86644fef740d0fd7dafd3ae8295a8e96e4de7e2ef2588ca20791a13d4de6678f08bc9d139bc93e6510b2611dae454ce87a1c39a

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        a12060dd87e724336b7531edc6ad16c4

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        ac2e44cb1600cd770d1b0370dffd0bbe8a700c6a

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        ec286021cd6584d65708764b03927c1daad32e81e44baeb3ad01b610aee3b586

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        25fa0548a9a565100aea9368fa4a7b423915b75f072f2e49f3b6d6d158ebe861bc5ab60ffbd615ec32cd49985b8768ec52b9ecdfeaaf60ca4d616c064df6f19b

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        f51119b5014a67a7fbf5f75f0a7ddc8d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        a652dbfd10d064a1d190eeb8123925c9e2de2d35

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        df4602cf6a579adc9a95a09c459f4faee524889d2a3cbe68fb4f56aabed46f46

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        ffed0d3f4d4f2932a81b561972c053ac875b0b803fcd7751fa0794cef34abdf0cb9a476a60fb3279d06e5d8da8ee1f7dbe9af4ec38d9830fa884dbb78d1d6802

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        138e022c5343f5f00523945e9ce7d7a7

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        0cec48895a83407718f7c942a65306532697f088

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        851a6fa338c96fcf4840d66559311be905f380adeb24773b59b6af2bf5c8683a

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        364e10b4a40c92980214360fcb2dbd64a2785b18ea6ef998f4957b743690a42daf7aaf58d6cfdc2d0af4c04b4452029e0d7459d81796374b2e6624fed255a60d

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        f232cb71befce6129705ca5d98e19635

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        bdca9c463682029cc342373b9798359b839583d9

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        6596a6461fd3770faf244e6ff4c05c7bee2c15258cb2edcf63d759052200d5be

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        a1198a113297266c79bb410f1348cc76d690a0f8063e5d674d0f394c24070ada07c186de3c70145baaacadf8bd4def39fecb1027fb3614efbd466070ad79b743

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        264KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        3aeb1b532d8fe5768544d98ecef40d13

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        76e7ac0917776cdf98e5745d3a1f42a32c34fbf7

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        ad3cde76ca26660c277fb647e8f4ad6451ce7845d92c2dfcc7bee40e8ff50017

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        2ebbe1c9d8deb2c03ece5f67d9ad2fbcf04050d5058cfd3cba0f850cd306edd8aafa1917ef762256534aa2d5325d15043c5251533a2fe1eceffcc152cefe2c06

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        5KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        643dac1f5c88ddca4397ca3d870a591d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        eb467692eb1e558288bc116b849c1f74923e4112

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        e8829a9d228de303f0dd1c93cd7af1bfcd05d3a034fcbc7bd4693ab68a579e88

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        07baca590daba60f114958c4721f3e6fc15078508b57d4994cccab03b0ac231325a0bb0a8488eddfdbe9055b87410b924896037b90496eab0d1c96c4de7c0320

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        3KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        344a2e26a7a08209bf1050bf3361b951

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        1f61b2bdef35cdee5628ccdc3d7d6d3b6d47535f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        99de8d377106bbdff722b866b1d034b688f7d0e783e7b2870f781fc563b29fe9

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        06459fd08b2bb4f7d6075346afeb804ae0691e18099283b147cb4a065cbb0548531cd9139207167e82b5cf84c6def54e27792d8108af643b1abe17d1796520e0

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        3KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        0e1227ab7c2095814c931d0121a794e2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        a09e6d293860bd8a8a3f81e740f480e3e65c60ee

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        571b71f92f337bcc1274af4ad9cb68a456a017be1c2d6a17b690e869180aea8b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        774f98d1d6e51a97ba102827b716bc7d81b8c64b5b719fa831d52e16f0e2c5e7a756d2b6d1fcfa03ead4657030401adc9a951dd14c9c955d181c7a640e283d9a

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        3KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        9c68670c65309b3e554675075592aea4

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        de91c7303421169213674c104583aa3d1de25ee7

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        72ae37bc21e221de78a62c3776b3bb209792757d5eb32775475129090bdf44e1

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        e7917251e46117754c89b5cb76621832c203caf1c6093ff8a7f6b813805b3287c702c75a9b2045f36027054f16656ce0558ebe66a2f4152dee4b0bdb90a39791

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        3KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        663d19b651f8604afad66e23f2b5b237

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        4293ba42807be966e778c2c1db7348588140c85b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        f40ccb4893a6c8e8c573c56eecf0fbb4781261b4a45d103c2606c13253c624c2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        c277492b899f3d3fbf477e768290de8b7a6a759fb1cd979ebcd55466c9406b2d69e7c6edf85509ce06a8a82d4b6e78178211495920247d116b9491bc88657966

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        778B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        be3d7844fc627d74aae909cde489200e

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        299d813a9cae362d6e26522d70c31e5dcf5abbde

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        3a570ee85e6279ef01080fdbe74a2823f3f39073a27b6c2cd6d1a22b85bf3007

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        9fcc4f5c5022c0c8d64d4f817bed5429838ab42826828ab203326dbd974873d8e533e8f6087c07be6bbfe02dd3ad290d2b49dd0061cd1d3de73baa0783ec7243

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        3KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        8ac15487391beac81f837a743d530914

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        1df4e36bf9aa3e18401dd0f74cdd4ef7af0bb747

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        24717f588d8e7e2802936580baf5d673e77272f22f4991957be01edd7244ace8

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        ad50a602d34da6913670195da0637c9d70328c70f55f2eaf8fc3cbf1d565f1525fd35a8b1a629c3800a27d0b58ff1e18de8a63e3cadd2425aaf5ff515ed5c6ac

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        6873b74b775d7a1b2859f040a3eb9aee

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        413656a0b61be655659d6fa591dc41caef1de6fc

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        60b31251faa95323bf373d325f66b779214e3ac17f382b63d968b635626ba5e2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        e240991a12023d113b08387e44dae7ccf362018d0e8a3ea102c2d1a3cb3139df93c07e210d7b4e6cc2a7bc511056f61bd0290a4dc11677bb64afc88a0d539595

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        2KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        c14b60ade6bb98cbb7ff3f96ec0eb95e

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        0d7fdd33503b5658d4ea1a13ccc04fbbf8b7b367

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        423c733479f8f5c451dcc2a2a452b2bc4628de57c00762bf9d3c9f93a5a259e2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        27204439b521736e7b2c2e3adc8e64b247fd61f2d4c445db1d01a559bf39d6bca7df300c2fb2b7d3f3217fcd3ddc6fe9a29f8f1bfc0d2d4b3a2694ccaf9dadf7

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        3KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        d0e58b893b84771b6bfaadab5703968f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        e4e02e38d7f101564613fee11fda4a466555e0b3

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        c616a84b791fc8b99678c6de0425332ab6c72e619254007a9fd52262a96dd332

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        b7e60db595e002898008acad85888fd5fa4ff8535c0948c858d8398c995b88665e01fb0076b44f805a1a797b6da6f8ffa36bbdf8a60bae5a8f4665d3eb0b6dda

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        3KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        6830df84da961b23319c2ef7a6f7a0d9

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        ce296716e7888046d2ae12e3cea4b3f530b78b46

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        c381d1632bfa6af2c8485da65c5d54abe2aced7b5edf4a2f665b4ebc5b8749fe

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        ac27488c1c8b9f1a0969d8d6c3e91d5772cafa5260795c809835640eebd33b29da18db52f37951bfab517d45efa7f04453306af1bb8caae700db973e852daf78

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        3KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        08366d2d21be2e6cb91f4ce6e1e1c070

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        bdc0df1d94d10d11c575ad900bf24c8672644a48

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        0fa19259f2da51ccef245817e1ea1808b70e24a5fb054c1b39ca75aa2fbf4014

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        0ea263bc5cb9a023e821faeec2035c0de0bc258a17f2569391e5842ed13fd31b3ecef2fbbad822cdff4e967f1895c189f7ef169725b727b190319e84bded88dd

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        3KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        b9ee840b2c85b76cffe9c2325d0adc7c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        e2909dc7626a864a0d3c1c7ddb4b763dfcdb6224

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        244880df326929448d9840ecc7eb50eafee134918d756228da641ebb9c9dd377

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        3aa3262a1136b6c66a9a864824a36a6475789039397ffbbbc2244536fc23e2e97faeafc8287f4f6470d5610dccd5f04b8cf6c9540108d8cef495d727e9ae04c5

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        5507dea550e8dec6ca36dd6778ea6778

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        f0fc050cdb759dea300ba4f8f8184654f60402e1

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        79e30aad296fa0cdd3840d4928d6fde48d50d6dd66dfa3d44cbe7a7c1cf097a2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        795c2d4e7a078097457ad2de81c378bfcc10d84e1f9fe7efd4bdbfdbb671421c6eb45088621f2da2534703ec9d776325881721be66c1499e3559063337813c12

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        5KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        b2ae58ec7e2ea59082c67c8ef01959d9

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        d630e7e52bba9cd12fbdd734458c8aac9f64b0f2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        897138b3ec127f366a267a0b1b234e9b96a5d4812b0edca6dc2e09c88c39e61d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        2082802b9fee64a64539b9ffa1cf9c4ac4b47b592a62a490c2a4549d6fef4cb056d75d6fe5c3f4f7042a785b7c3ae3ddff3ef328c28b65c4e1b3b08d9bc2a508

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        6KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        2cf95c6856aa3b580e11b514127ae86b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        1f96e8ff5bb6e082eccf8544432fd73ec46c0f72

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        12228906640cb828a92f7a0f8c1febe32f191835740e4160981d3911d753b841

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        a21b5207486a836fc0cdc40c703b2308bd54e3bc7a270a1dd5b14e344e423456b6d6ec847c612af55c65146c7b5d9b857c6b9097d996171a75a8947cfe9c7103

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        6KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        5df0234c5a6cbaffa692ca29dc7ad07f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        c3ec81624c03b749d64b0216d0a601a301afb396

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        10481475f12d86c00aed1797ea39332e1a192c77689b2be9c7f0dab7c983c967

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        3ef3f263fbc8c0c0ed154e86296a82873961b655981e4bc1ac043486ffb2f02adcc771db43c2a38a737c0756ea286faf26850b4c9f7cde084819a66f13ad5fa2

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        2f4e6904ce0ce1df4b81eac2b50ea5b7

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        3206858fe9678dc70ba2bb7db7dfeb10ab551463

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        c30d9f0caf5163688431d806c639746e7650714a0cd45eec773c08fb275a2c65

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        dedb427b787a29dac2a006d129a5d167df7fd18963ce2fd6a9ba9f98aefe6e25c0fc43eb9e777e68be7d0c5b4027cb2393def6686c0ce824d21b7c124af4c0f8

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        c0da34119b92d24a3e81c6e2e26aab3c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        66f5aae04b753fb3465f98ccb634453af80fbfbb

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        0ae7af248ccf8314c9ed4a143c4750b17b0896dce4796973ea5edafd2365e7d4

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        569943091eef911ac30a8474919d6d0549e4304c156b78d157d28d113cb254debe105e2fcfea938222093cc9293203ef63d9e93f04557957fd1caf2eefa89e33

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        6KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        3dc856f76c031bf0d9e62891544c0884

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        b83ebea053f2460bbc0146d53f175ebc9cc01d95

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        51082d83181d9c3d448b8e11501ce4e3df4b4f3deb243bc378332ce64cad7cb8

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        56d9eb3649be07eea77407cc84971cac11caaf23ad4dbfaa1af3c411bfd9540348ae53724b819e2b5b2971b425055a6a6d555cde8c061a7e4446ea1265f87850

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        6890b0bf9474ec3cee87400413fcc1c9

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        34b283c1da7acbb6ccf091e32a3001894cb88437

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        dae48432f0ef277d2cee0384764ffc22f8e7de36f92ef9077c5d92fde95ccdff

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        4c1601d56a37956c7a3599a9edd01599c0bf5aca7a2ceb711803c59ae7d2b3ce157caf90e04c20666a1b0606cf2f1b03a2b2593f8a7febf0680a03a3a54f699a

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        8cab64ae8d2524469826eb58aafff2bc

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        400eb928fc9a5475a66cd0c6d68b6d1681429115

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        e765b7f013d273e4898d2684989d780adacd871a1a49f3613750f66f1405bf43

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        5982509684c682bacbac0e7032755fa072e9e9e4e589e1c94e28089698864d207817ba640daf1838d6ff1cf985ba7e7b800f18981865bce2e7a2b43f152690a8

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        6b532aec5a3fb5efbd9c562b24ed2792

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        f04bc753b11ec8ab7cf01ec128be4b09bfbef4fa

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        086b29e44d202045f0f3d492b3c6ea5afa68ed6aba02fbe23d230041ce1e25a7

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        b203c51d8ec6deb525139c3dda0e03347ccabda63cbaa6acdaf1343fcdbdbc0c1ad31c518cd65224de632d5dbb0f09dc1451f4398e2e95e20be8b36a6450cccd

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        3544df0c7bb00444bed43a6ff8776b6f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        ea76afb3729816faa7195af2c377973fccb58b3a

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        17f10473e72dda13b76e4ac147b5990b2b05e830b029c91d3c3494051e47dcc3

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        214cde29c9b0dceff97b577286316d86669397bba378329c3e3b6501d949a08b34fd8baf83b45e5acabed23887465e490626ae70be0faa480b71348896ad4170

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        7dfb74e8cc973406ea16c7927fa8caf9

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        2ff27840c30c0844605f8434f481d76964e0270e

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        2cec4e184bec55e8973eb59d72661f337bb865c941f550185d38aa948a6b494c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        3241bb853795e913aa953f75d321ea1e62fca823165843ba7b5a672d5e2b88e76bd1ff3957aeb8ecb498abb816e37618182d3735cd146b9665a3234649f8bf5d

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        7f0ea9aaf3a4460157ec61def72ebdaa

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        a3fca6739fb1bd7b107b057b523a77bdb54968cb

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        f9b7e5cb11e69df0d0f12e5955140bd8d697fdf5c169047a3ac8d2de47f67e16

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        b0c0f128f8baeb91ebfbf00c0d40c3bf8761f19c7ded574000a2e7bfa250f60bce76e88c233662340c28463f763409699676a544085cfeaafe47ccfe555da22b

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        7KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        e927ca14195c75c261c3979c7772ed4f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        87af4abef8a0053768b6aa5ec54b68e148da8659

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        bfee6124bb7376b5215dc4d1e90bf0e0109a0072c150c722a0c17d2bff0ef700

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        e5493d791f569a6adadd741058fb822fb3f141aabaa901a68eb901efe8b72260223344e604986a6db96b539c232ab9718a8fe964cbd02997a536f967f3ff79a0

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        ef1d6199b6c2c54339382b114ac727e5

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        963177adc595954b9682f287160b45c5b1a8eeae

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        9c5b51dd62e43454aefae648da6a6a330881a8802dbf4b69dffccf75a30dc18e

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        9ffab203725c8092b7892be6beda5c791b0ab90cfbd4a99f41b89cea9e60bf7141875b5248169bc4bfd47f41506991287dcd59a17740270aacf8ec62ece741f3

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        3461660587a4a4966fc544560ff5d065

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        51a72fe045f16d94d8bf68ebf2f42fd41172e9f5

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        980043d9c4ae24647537723b7b8dfeba96e2495a3dd97be8f114b78756ed9862

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        bfd39d7b634f57748718ac537980297c90b98c5e4107bdc3a392d277e6c06d08480374b4f21426f01bf86808f9b8de54b938f3e0e56063b7e3ca0bfea60de59c

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        6d8b0d5bd0b0db4b59e1acc23f360225

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        5282f3e11427786f7637b7987b5e3ae1537ab5cc

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        e96c649b04dfb9b150b5390bfb2ba19bf30c30fa4ad028269c41084f8cecee8d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        53bea42c3c00bb79bf9c84ebf412da0507faeca21fef0d3e094ece9641e3f04826fe2f841dfafd45b8d3238a87cd76a66f925904d8e1ae9b379bca1916782517

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        b39d99eb6262284f720044ef01c24556

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        386d31f97f15f98a709acb995f12c37c615fcb26

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        bfc6a167c9879747d016a5729881f5bdd92061f30deaea5065ab10c715bffd7b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        9f3a2d4841a21bf51ffe96c59f126262a7b1065e86a25c756f4c146b105a215be4589032a983346e2e331ca5c5a69481f7008a9a52f4ea5ec25889aba2a49aff

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        3d343752810b526f5d0c328bef7219e8

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        3e6ed613db5d57e31efab16e98caae0d53eaa953

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        d1cec032428ef12d94f38969d9cc56a25dafc01521a8f972a3d3dd7fd49a36ea

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        add7d64c48b7177caf53d5af8471ab3d61ee9b6a5c9369e2eeba385548459b6e9dcee888d5532ff0ca8d8fe34df230e8fa059e2cc9b01172d73e9fa638f26639

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        7KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        ad15430e8e301099ed4a545a78f93f34

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        f68a12db03dfa04876d7acd8f6f1959e666410c9

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        30989f94a1fe12c5da0425462f5e5350942d160961202b05b68b2da23f37b793

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        357a5658de445d70c511a0b2bb5707856490ac1319541b38af18fdfffebaa11501d1b1d31e0e44d95bb503873af83ad4fe28c0bebfbe7e434ca420f7c16b6719

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        308d7336e3f32dba7af38f3ca72f5912

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        4354b0ebd9ce38aebd49dd525a436dd2b774941e

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        968a61bfbdd3e162a3c876dfd339400e0ae29be8e2d9d721e2484853255abfa1

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        538ad4d0bc7648e57dd126025b49c1106e1645fab9e7d3b0ec0164db0f9eba7b18eda6fb6b48e93cc32dc9a920394f5ba013a8e8e3ccc9472450f0d5c220d9fc

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        e42b732e668cee7fb2754dae30641869

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        5d6be7e35bc4b6184787574c79a1cef956f65b85

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        bf1fc3b69ca29cf60cfab769043b50f3a17eab18d0ebfc753687303e40f77572

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        5170852930efc081c15d344b4596276ab8f7d221b4adeff31d5be3040564bb3e301fb9d18bf43af3c2c52e093784216a6fcd02c642722517fc2d1419397d3ae2

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        4a368b58e916ee653399b8e20488f574

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        7cd5907286ca649f8f4821e55bccf86f7b42a39e

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        9c5a6356eb52d9a2cd4803d4141e4a921645c356db9e330f0cc90c3715e959ad

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        2372fbcd85ea9b8dbbbe6deb6d912079c409ad48555eddad79df89c046bcb15e0ae0b6b767c2de793a93f0fa09bf28d19d699eacf02e7d6461fe6c22d8864b3d

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        d1cd30ab02110dc9c1dfdcda18527940

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        b1b28c551530392eb95e571e70d9b3c5c000d378

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        01e4b4e24c15a03f748bf4913c22f27e08efb141601d4573e8efe501cb30f7da

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        37f91e34e415f29d39662f77e947566246eafe0086cbdf2215f07ce922125429382252bd937d320f0dac1427e27ac0a0fa89afa56e24733109d3364b56428dd4

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        58ca05095e1c03772d392e4850303507

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        999a174a81ec89e3639d76bc808297991f4d85f8

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        7cfc8148df1e984f84b1fd15341e01297c8112015b47c70f8b1ffb8141612d8b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        ce01c05c4f0551e20bc8691f69beed000a5f8bff174b14deab55ef6339e426d28688e0cc64334015d8de72f2819473d0114edcb21f0a84d7ab745887c0766601

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        15bcae05ce1dcef5d32237853d9382c0

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        37485403ff5cf469fd385c64ae74aee9419586bb

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        9beb6cd89eca0ad27d3b057e8790b6660fdfd0a29f76e537d0ed15286358e9c9

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        7ac7cccdb3890dffec449ea70679b7a172b9b97db51d7d977883365e9f1935bbdae77a32fdfaa2ed0059ee2ee74ab893b729d4e242c5413a4236e520b56de7f7

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        00f2dda4cd584db68c1c116ba97e1118

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        7e9182609c09279d35fffdf890cb920db868c874

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        b0e7cba25462fa356549bf2dca18c4c02ebf4a51bc45cf8d4df3476d8d59803a

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        ec91fa134372ec9313fbd000799f6df4a2db28b61eb4afa19a518579a43f0de8ae990233798e78f69c2b4cc0d53e272485f39cbb76678cf2ceb99e6a63d531cd

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000004.log
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        6KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        3195111c97f8725bb92c1925d01e20be

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        21b9c392ae1ab4ae239dbf6d245e8841e6ae0807

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        6911de764c2996c996b0219b0fd75756341d66d2a9f12b73ad86c49a33540b17

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        5193ad204cb78b8b66e191f4a54f4bec385fa331bee723d5785f8136412757c74c2ae1849477d460f9563885f2053ebc222296ffe4e9e63daaec51990e75ae92

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13365745095190323
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        67KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        5c3b204cb67cba9baa493721adf8acee

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        325266ac3bca078c69c999bbba6e24ffb1f72389

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        dea4780b6e42efda529be8e793d475e68f42ae38635d22f75107e7ec7306d3ed

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        3cd449d73430dcae405a28f03ebaf4616c167b3c7d344669ffee37e7403e5371a310c8b0c8846423e266c7bafa4597403f59bee1c9f079cd5827bb599a5731b6

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        ea7ffae96a20b67a43c8e7baf5f4d801

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        a7d334a835fe5b9d8ddca8249463479a214bb628

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        9c9e637c8d2448e2d31254ffc94dbe7d824c95d4622500dea4050b40245e5761

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        78ff6175e6d142354ab0249ab4bcd530fce17f8495b7d74c924885f55b2cc854387b8398bd4df6a0870d04b1fb348759a0e7e4a49b9941132f7c9092c17890ef

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        2f330e78cff6ccfd289bf140249250ac

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        a1105a4bb0f8d6adb8cb6f4312c1a7400e139e59

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        7a0873fc6387d3707e4df9f01e49ab184d606be7825eb46b2f1394122c46deef

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        087f7cd4f8dfc36f9915c0c6e9079403ff520ed467daabed2914f13b936e1e83a5af6dc5e2a47fe1d571cf2ef79eb273974cfb7d2dcfca950007740a19ae69a9

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        522581a2a1b06c93eb2d0ff8243c2de0

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        0fc7f7569b3d08af4be4b547761bec11193ae342

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        3717b3a6bbea660274c4fb5fa20bed18eb8a304f3948a9e1dcc1239cbb090503

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        9b32770c394f2810b32b7b1e6c43358204fdc113ed734ada39f618932d7aecb6b28c8778e0a72cad30543ba9b685c4d7b9dd8c64bba7fbe79aae41e0bb08d5e6

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        5a295f21d11c8acda300d7a4e03502c0

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        92eda084b3ce47357f49de7f1e5efd2966c60f8c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        46f3eb26bb48251cb62e6c91130c3a1102d3d3898a015ab89745b6d0d221da23

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        beb2f8f9c769247eee55bd3b98e99e166395ad64045e0d1f5513842ba4237a7a92cd422e353357bc43e0a72aa03c5087d7b46aa7229d76fa74345b8d0d9bce35

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        f8579a5ae5ccc829dd5680b977e3277c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        5695fcebf7e2d4e4eecf09025338c2874ea6a512

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        47be2947ce4a6b66f18e068a34995a7e95f9b079e99a81b1488361e94376a41c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        2185e8ac67f59a7ca7d85a68a7f9dbb3b3f68dff761bf68e6af1796cae2a0570cf0b5f58a5f28ac29d797c859332b57c524345835f0aeb88ea6f52ddf4ab98df

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        9dca1893fc64cd162569bc126f8b7699

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        0f0613e90d0e9731f532a852bdb4a2acacc0e1b9

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        89e8f3cf5d80cc7c82ef33024bc20719bfe6e2fea5fe09fd249d2cb15040fbb1

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        819555fa9928d0d2a7603092e8498349bda185ed541e72c13b514e1a26fc05ad66617ba68da02dd221d6f81e53a88ddbc510d3c1ff9cef636d2c1bdec26e067f

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        ed49d5437818e84e39046d2a2d74667d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        9d745fd9306e9a257bd56933e29108503f6e898f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        ef6bef775ef292a20600eba7df66ba84902b6b0a914618abbe0354e0c901db6d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        0dd40f68fe3f0882140468b66745147c18930a9c01ded11b173e638788292688bab22724b5b653e80486a69dbbd33efe2d4e1e1fceb8a9241a8514f7c17079e0

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        84b0a1505da93573a1389527e7f8d2dc

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        d1b2e02af7a709dc112958a792d8bb3b51dece94

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        d7178106052cd88791f10e76500fd82ace6f962f7c7b7f0c207c4b65337fb5b3

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        cd242e9d829d714c8735de35928ff86ed03e31d20313e1df58967e1bbfced9de5698092ac6b6491d3e0562f5bd78cf8bb9c2fd7b37355f0ec7039c656541a1ea

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        6c63358c38d34eb182dc38e49a028aa5

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        5b7966305a8d68620bec3673ab57ea4b61d0359f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        d92178f7e3b623697ca2a3d8dc0f574957496a02b0873f685136d3057b65b798

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        743893a2c16eba2268e3071d5bfc0209855267ac84d7a88aa1a677a10edd8ff6730c3cd7c7a1db23ef3e19a3a68cc2abf0aef8e3bc62f3e77a499d750abd52ad

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        7c4e11cc30b7680147f4d0c2b883c74c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        ea52db96ff8b74a0a92886d1635c33f43e9ae6b5

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        a8fa37d8cba61138d8290fa9d3202f5058762fba7ede2af85f415683081c4fa9

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        d0ac7041dd2fd7cd30a476ac507f6a397d2276094ce6ee3829c73e0951be6c9c0db4da43920e017c222f9d8b4e6b9e869b6a53059f751f0a1504906e9da8f8fc

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        708b443554c5d378de54ff81aba4e11c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        26a4ccedb21780f1b4a94ee2b150a20e00865839

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        a11cd1f4755b02b07e6493c75b741ea4dfb77682abdbebecda46af2932db8676

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        226c2c590fd68cd889dd50091e14cab27ac8769f685cb077542d6ddc568448d37a3cdf344bfba48cb456acfab64b9e79282e56dacfc5a303511eb84b4a5a07f2

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        3224122ae936d6e812d816ae9936a310

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        d0d22a75bb58e77b965506edac0c081384176d5f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        0fe9360c6bf762084592a7d09e2866f6bf508d9027d473e269650fa4fb5e5459

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        be480e768242e0c1617e76ce3815597127fca651c490e5df17e47af3de00c0c43e89d1e50c91bbe66452c1731d431f0a53657d1012e66b0a55ca0a8f6eb86b2f

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        5056b70a52f57eb7588d48429c2cb57c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        02bf4700478e645c4145d91a311d4dd48a3472ab

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        5ed7e443f44d2b7d05e399f75a78c1d3e0a6eacbb0d05065ef099f44b67d4928

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        526c03b37e9470d0ce9758cd914c9a06ca1961cb80c29c7eb72d01eeb6a7e0f419b476e6092c14f0731d8e8e7da9207e7216f4b178270d065f58f1bf8ef1d613

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        92a49c9f651d55d58e08bee3350448be

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        d3835de89586a79c8861feecb1309cb990ebcced

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        fa61511c0c269ba883c82f2c7aedddb60f9df36994a8753683a33228aa513e9b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        351ae8a57b70cadcdc261f01b88ce5b7016f1c336969e91ae67c1b2ffbe48c47fcc64d381572e4a6a6312f07dac98bbcd36176ada3ebb068f92a2859d0168e4b

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5de978.TMP
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        538B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        91a005efee7598cd09c39194e83fc53f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        c51be2e9ebee95c86a65162b63dece48e7d02a91

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        ac879ebae2a9d8f716d2e0f2c67afb4860935d8a51d7631efaebdcbf4340e7e4

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        2b634e5b689f585ff42aac5987716d83674d63064f24f6ebb51bcc87ac3bec1d57c73eaf52066cafd77644094dc18f7dd6dfd8a7a48b9d74b4ad5f303715c5ee

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        16B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        60e3f691077715586b918375dd23c6b0

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        476d3eab15649c40c6aebfb6ac2366db50283d1b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        16B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        ab6ab31fbc80601ffb8ed2de18f4e3d3

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        983df2e897edf98f32988ea814e1b97adfc01a01

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        eaab30ed3bde0318e208d83e6b0701b3ee9eb6b11da2d9fbab1552e8e4ce88f8

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        41b42e6ab664319d68d86ce94a6db73789b2e34cba9b0c02d55dfb0816af654b02284aa3bfd9ae4f1a10e920087615b750fb2c54e9b3f646f721afb9a0d1aea3

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        16B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        6752a1d65b201c13b62ea44016eb221f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        16B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        aefd77f47fb84fae5ea194496b44c67a

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        dcfbb6a5b8d05662c4858664f81693bb7f803b82

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        16B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        589c49f8a8e18ec6998a7a30b4958ebc

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        16B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        ebc863bd1c035289fe8190da28b400bc

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        1e63d5bda5f389ce1692da89776e8a51fa12be13

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        61657118abc562d70c10cbea1e8c92fab3a92739f5445033e813c3511688c625

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        f21506feeed984486121a09c1d43d4825ec1ec87f8977fa8c9cd4ff7fe15a49f74dc1b874293409bd309006c7bbc81e1c4bcba8d297c5875ca009b02e6d2b7be

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        16B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        edd71dd3bade6cd69ff623e1ccf7012d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        ead82c5dd1d2025d4cd81ea0c859414fbd136c8d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        befea596b4676ccf7cc37ea8048044bfa0556c8931d76fdeeb693d20264e50d6

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        7fa9b9ef95db0ce461de821f0dec1be8147095680b7879bad3c5752692294f94ebc202b85577b5abac9aeaf48371595dd61792786a43c0bd9b36c9fc3752669d

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        16B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        904754a73eb4f8a75410a92b2b7a920c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        208f9e70a93742e8ca1f5e2537690172971209be

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        c3225bb8babf9823a2daf2bccae0cafc5d3e0857c5f24187dc004f1b2560b4db

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        cb251f3f6679b9f339c3697f64ed056ae53caf22aedbf37fb57dfe47e8c0e95f295cb180c342e415bc540a9332c0aa9253af7fd2ac17b3e80ad94bcf2cf29469

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        16B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        6671db8c02f3c234bc5b756619a0ed77

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        ff451a14cdd61df48cce4448f118377af77da143

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        f7858098c26ef2a143b0e7cafbc03040c3c1c3185f446517108a7bdd2a6d9c4d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        1c6182196ec6086d5316c741f974e6ec4efcedc3eb835ade8df2762d2ff245f055c05ed95e06fea3e04fe3a08e9582846cf2588c31fd69fc4978440039604ba1

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        16B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        a874f3e3462932a0c15ed8f780124fc5

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        966f837f42bca5cac2357cff705b83d68245a2c2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        01bd196d6a114691ec642082ebf6591765c0168d4098a0cd834869bd11c8b87d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        382716d6fc0791ca0ccfa1efba318cff92532e04038e9b9aa4c27447ac2cac26c79da8ee7dbafae63278df240f0a8cab5efea2ee34eef2e54e884784147e6d00

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        76KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        70d4ab3b7cf892f1192e33ee52ccaa98

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        aad4adcec0ba7999208b240d3f7c63c9aaaec081

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        9e4c6ce9ec3149dcce1ca2203eb58563753cd8bf85cc16e172fb225ed56fbf5e

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        886006b02f97d0201af18a74645ccbde1f897f252853b02350f884a9b1cbed39e107011bfa10e40f0c5bfeba318214ccda7688e8b2a6db706ba87ea725f65447

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        13KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        3b7def55ddebd50163983dc36a359e11

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        0d0d97c6ebfcf072a5012cf9706785ac6a2121dc

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        1cad76af475d2fc64960bf789c2c28f1aba65f0acdd1d8c77629ab6df035d7ed

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        aaf8342bc9f71efb68fbae197650f52b09b3ccd747c1a52a7608d1c3c93e57b4bcc5a82b3795dc097daebb5137d6f7286e63bb3b70b52b758ca35dce5bf6c211

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        44KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        5af8641e2b3cb9219eff4eac1d58e1b6

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        ec5306b12499086a9c109c91dc61b6393851e9e2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        456f4bb9703462b59f1e58cc023ca227d221395a191ba9fec80e06e15e17b279

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        8307e27f14e0624ac65e87e59d90d5870a35c12e3a3ff2ba78ad1c1080cf7c30a564361fd6c0ac920f6553b91a3510273fe808795dd14bcfc6d322b7eac3a305

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        264KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        8ae68267f5e3dd74bc4a1dea9e506775

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        67c4114382e172fe44f134d8233842bb70011174

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        0fa40a4da8cafe5bf8d53f71da55b223027327819f8ccdefda1e50484a2d7a99

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        f338caeeabe4181caf47dfceb02bb7b4b739fa31b48787b14044574e69d2bbc99768b20cf7e8933b22fdb526cda05358224196372451966a87f83c4099bf59d5

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Browser
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        120B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        a397e5983d4a1619e36143b4d804b870

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        aa135a8cc2469cfd1ef2d7955f027d95be5dfbd4

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        9c70f766d3b84fc2bb298efa37cc9191f28bec336329cc11468cfadbc3b137f4

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        4159ea654152d2810c95648694dd71957c84ea825fcca87b36f7e3282a72b30ef741805c610c5fa847ca186e34bde9c289aaa7b6931c5b257f1d11255cd2a816

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        11B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        838a7b32aefb618130392bc7d006aa2e

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        5159e0f18c9e68f0e75e2239875aa994847b8290

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        12KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        64912054356d195925736f8e90962580

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        b79bedcade3c10db386c283421a1a5718c980664

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        081fe9af5eef8dd6f1b28ec9002370294cbae47eadc9f43e8fd3f5a4ae03ee08

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        68efcba22da27c16d8905e59895066c92b031878f07c0d17a94030ad190a33c3a311e40b583041b68bc612005855e9067141cbca890bc3491fffac23b3ea0054

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        12KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        1b2b7469681f28d6b41ddc34d2b1e446

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        264d1c3b1e64eb6f1096548892078bc0306231b7

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        576b54519dfa02f8aff8266921c7986a0e6f74fca36a76656a6b14e3f01da39d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        16799c99976065dac3067d604c8dfff65f6f4b6d3eb875aa77da15801f46e91afcbcc217eadc780c58699479edd30ba4bfafd5a30430cd80a1922ff6f065206a

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        11KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        9d9c3d5e6efa66850fef4bbd7415be36

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        b881cc39bde4e0eab3a371880beeca705f1ecbaa

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        cfafeac544958c92256fe9d83040a5537be06732d40a935f8101e82aacea3b3a

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        715679a40a6a2044e4a420817cb600a2f06f66baaf894a25bea3f58f7045a676ae6c344ccd7270d8a2fa6baad744dd05d749bcdd0a6682d6a0fc531126553049

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        12KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        66533713e72bc906b311139b058e0dc3

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        c3cb74ee2a4edf8f9abd3adf8a5ef6899253be9b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        0ef83e0e619dbcb97c7f4a36629e6ac7d0d5340a45c8a79a94379fab151d478e

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        699da0347a3ef573c4f228e170824d49a6dbd574f455d442679e4e8f2c048277506d9ebfb1ad47721a9e2cb297aa75d4ad7e9fe030dadd293f027c15e5d95475

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        11KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        0abb782d32c50fab03ff37e0ce012a76

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        95468ef6a058bb5097fee163f3608aeeff536544

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        51e95045a41a7e6e39953ec98a1f2913fd62f3795cbad74cdacbd50e516878df

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        fa2be874f1f485876e57ac51bbf143aaaa2a8dc6d58d4e062e854e67ad7232d00bdea1e7db9cccb730865dcf41ace5f8b9b4a7290cc5ebba1039bf73a8f3c6a1

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        12KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        9e9fc8bef1e19a368c0e157a80ae4dd2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        9d21858910b9935372d7a103d8e2c7d91469c325

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        1440c5e49adedbf4dcbe89d87a5fcfa71bae02b5216f5ee7347f10ed71439814

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        56339271efaad587f39fba846d5b70b300a241d74fe53a0c84f7a48510d567421debd781d8bc4190f29fe79ada516726d902377e1d9293e268400eca12e21d16

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        12KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        8741c10d1034556ca427a0947fdadd83

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        d8672b16f1511c19c5d21e93b0c73e2177052653

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        d3f2af475e7a907b2b5282c5aa0e8c2333978f796ed7fcec30a96f4cf3de03f9

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        b72e89cca9075a004e5610838c4803dc860b3150aef5a6ab123ee2c43dee0b12bed1a8b1a29eb21eb68e338a476968f42d1545b8153904af4226f3d25de6c0fe

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        12KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        aff09bd8d088e0349d7bdbbeeea6a284

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        8008fec1722084d712871954645f82eabadddd81

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        419e2f2295fafc1ba9cf9e57420bcefae02f67bc3f9beefd130a30f4b114dfd0

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        9cc9d4b8b78bff289b2d8bf5885f6975a722326cf758dd26b409cd973457f29c8361bb7544ba37943301c1866fe06bb4691f4f82846e4ca3c5ab706b666a7ad1

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        12KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        6cf09afa69df92ac17d3318061ba2107

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        0b12488d10c2557947f8bc23764733cb1ddb2904

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        5c02f530c039c6f0c297590ce9cc00e4a11bab702f282f83b19b14a55edc8113

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        392e3747848204342b64a56e89e3bad9838b14a6dc70c2d378a4fad00abb66911473dd97bf6829d2a083e7d5095dedfaeba9c5fb5401d143a57dba560fd601e7

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        12KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        0d4bbefd62130210e8f298a4c08cbd25

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        6dec36ad47659fac461b4963b698060a666bb30b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        bef14c0d76103aa0407e206158a62da8282bdebdcf76662798776a11b7ac0d90

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        ea8ace4dfc77f2ff335ec2d5fe7747e25211f4b68d35f9e5aa9e2077b5dd2efed992c2b8fc8827a7d36768027eaf2783d56f554b2bcedce91e723e4b24f4e0c7

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        12KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        f5a126a1d3ef7c7ee8da36b185712874

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        38a018e053b2999791935fb4669679bd0315bf46

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        f193f1b6763d5a37297fdf6293a4bc81e2e21782d1f96c0c0b687d0aebcd02bc

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        e3fd6ef22bdd398fda84ca0d37f035961fff256c076c8601af471cd3fd9a97ec58ad27da062d3d7541838155ec133aff5aa1dbf5b7033f57e4ab421dd37acf13

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        12KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        fcc33a1bf020ffcfc5cd87d004cb5953

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        e346bd7d1accbb09432fbb4c25d83e452960fd75

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        4e53033e939fdf6df87d92e0497c614d8a01c7fa9b9dd8939bc5cc26c4c09401

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        70bd24fc58bd39f22bbe2ff7cbb6aa081b95480499eef0570d44b16db8dcf04826b14b0b2ba521d3805f216e50507587e605c6a1701576ca75f50099529f7692

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        12KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        ada60fa223249721685614ad441bde94

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        5fe247a6f330b8b624b2564781f1363002f5ea41

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        06927bb19c18271fd7e42a32999161b85ece101a5405e500cd0f1fdbc5c1bf84

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        d3614a9e4068d1a442084f56f54966846e9197ec48ed2643838145f18f78a06643565147b2db9eca33b01a0fe221c7761bcf69d67d090aa954aef731e14abdb0

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        12KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        bd9427c0f4c68b902cde38d402588716

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        0e867c3fdf56443d33d3dad8723854bdb3051638

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        5e884bf20cfbeae78b3ae204af3319a35465473dba1f3e742c7d47a87b560b5c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        53b2727a08a60637c0ec025612672903dafaa5216c7bdbb202c5dba95cc8b01bad40a7c47268a62ecde98660b0a1ff642e168f26e9fda10acc20ec7c25800a5a

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        12KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        725bb991b44b82673cdbf07abe3d76f2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        085bcc18aa8bec9e6506d52532fbf6e3ce7d93d7

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        cefcd104e592f8fcf3143cdc474084789042f188d1e2e116872bedb26797dd57

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        d4c7276e87d64a63e6754cf5b8ff57642733eec06c3f117f9c3c3aa88953bd392ba6e404eeca718c3c40748acc43ee39aeb6d72895031d8260bd16a19f1d1b39

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\Floodgate\Word.CampaignStates.json
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        21B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        f1b59332b953b3c99b3c95a44249c0d2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        1b16a2ca32bf8481e18ff8b7365229b598908991

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        138e49660d259061d8152137abd8829acdfb78b69179890beb489fe3ffe23e0c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        3c1f99ecc394df3741be875fbe8d95e249d1d9ac220805794a22caf81620d5fdd3cce19260d94c0829b3160b28a2b4042e46b56398e60f72134e49254e9679a4

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\Floodgate\Word.GovernedChannelStates.json
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        417B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        c56ff60fbd601e84edd5a0ff1010d584

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        342abb130dabeacde1d8ced806d67a3aef00a749

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        200e8cc8dd12e22c9720be73092eafb620435d4569dbdcdba9404ace2aa4343c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        acd2054fddb33b55b58b870edd4eb6a3cdd3131dfe6139cb3d27054ac2b2a460694c9be9c2a1da0f85606e95e7f393cf16868b6c654e78a664799bc3418da86e

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\Floodgate\Word.Settings.json
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        87B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        e4e83f8123e9740b8aa3c3dfa77c1c04

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        5281eae96efde7b0e16a1d977f005f0d3bd7aad0

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        6034f27b0823b2a6a76fe296e851939fd05324d0af9d55f249c79af118b0eb31

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        bd6b33fd2bbce4a46991bc0d877695d16f7e60b1959a0defc79b627e569e5c6cac7b4ad4e3e1d8389a08584602a51cf84d44cf247f03beb95f7d307fbba12bb9

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\Floodgate\Word.SurveyEventActivityStats.json
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        14B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        6ca4960355e4951c72aa5f6364e459d5

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        2fd90b4ec32804dff7a41b6e63c8b0a40b592113

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        88301f0b7e96132a2699a8bce47d120855c7f0a37054540019e3204d6bcbaba3

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        8544cd778717788b7484faf2001f463320a357db63cb72715c1395ef19d32eec4278bab07f15de3f4fed6af7e4f96c41908a0c45be94d5cdd8121877eccf310d

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\8D8EA6E2-5C30-48D8-B670-9099090DAB32
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        168KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        36e39e27b611391c1d0445685502b85d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        47240d054fd178e9f5a32b75926d5333fb8c3cc5

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        0cdf40b52102ea4e05ebff54b26fc8913644b0ac4b0b1f04c2308374509a3af4

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        025bef9e5a0afb36e7ec6b3779da4833eeddbfe4a1990c4531371e69854d967a2882f532658ca12ddf7547c2aad2e0a0e0016b9680a727bc1a5684377d1be48d

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Office\DLP\mip\logs\mip_sdk.miplog
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        10KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        cf23b1ebbfa7f3068c9548f4929b01eb

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        1e6585aa6e6a8d28f92e480b20aed470e8ecab34

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        43a101714cfefc41670e0c3707b6922884d1896e118074a8944ead99e2712e7d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        319c7a50b33cd211098cf375525be978ad82c585d9525603ada28e50cd66157c0e654cb5d6409f1cfa46d78fdc692ae88aadbe9b8b34338faec55618f339063e

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Office\OTele\winword.exe.db-wal
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        e11d3de353626dea3344ee501010de07

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        6c4037f643655895993695aab7dff1413a357ea6

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        9ec99dbd7007043908cbce1247f7216e65acdd2de76a7dcbf2b7474519206a46

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        8f5362ff25487674f73c0855413b92a8f7a74f09dd51608e0d77be5b597e98b7cbf8ac91a220ec41325b901a47f0dd9b38c7cc425ecb665fbff5c574abe0e3a5

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\089d66ba04a8cec4bdc5267f42f39cf84278bb67.tbres
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        2KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        4fd59dde18d6a87348df551add85a265

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        978cc8418164a51750056c3c0d50b3d3310e89f2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        336ca377dc408b6bd26e5a63ea518b58be957b31b1cf984027d11b300212b75b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        946d0942f6f7b11e78a2c5a0ef9f293c34fd3bc008ec76deb56ae960b35d3f1b147bd8f403858ec38b1a21b98f2cb738fd343315d59314e074c07d4b856bdee2

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\49dbe2955480c7f6ef8cec9c4320c9868d9293fd.tbres
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        2KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        1ce5e3872072a99cf0785d2edff007de

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        c49172f382aeeba6fdf238e7e2054905bb523827

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        fcab48562a794e990d8fd328581a43c09dcfe5c876b5aa705d87c4cbca889b88

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        95ad915777f681b32341402846a532428e1bd48a56f41f54c26bc18cbaa88e5c0931cf8016f22ca0d8dfadd28e808056d491d7620213d68b5010694c76fe2288

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\9cd93bc6dcf544bae69531052e64647ec02f2bb4.tbres
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        4KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        76fe9b1ce018cc089ab31ed592e08ac9

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        b471c3525f2d8f6819d3d654d9bd56f4e15f3235

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        bdd74a4bd55b624ea8a787a8007fb27eff37fb33a4d8e1bc214492a29b881b3e

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        efe101bd2ac9fb8d5e575dea7abe2c085ecce30595005c5fdca9f7de6eab4f9ac848ef7be4bdd81629c8bd141595b5f59944f910b843f2b513579332a80c1092

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        2KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        33401892e0d97a0b9b36010396830a99

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        53a51adfdafd624d9b1d84a62f6d578f8a17633b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        1397f5f870e479d12d92ed7750ffd32497973869991724e85c80cbdd5536ebfe

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        c361ace7923db1752ffd6d31d42446ae407f9d6b56a95edabc406fe2d485b9acbe9a443114c3e6791d6cdf46a3aae70b10a7cc7f7513321d97d48f10dc0bdbc7

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\145F6709.emf
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        5KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        0ed5bc16545d23c325d756013579a697

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        dcdde3196414a743177131d7d906cb67315d88e7

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        3e430584cd9774ea3b21d8e19b485b48212fe356776158dd5f3c5f63a5bde7d3

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        c93072d11058fa50e3b09ff4da9f3dbe2637c2b5df05e616bd8ddd04557ea1e8b0db106b1545fad334619118c467776f81cf97ca52d3f2fcbbe007f30032b8af

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\3mrom4gn.default-release\activity-stream.discovery_stream.json
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        18KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        e7854920a7fb4a18a989a1f42a6340de

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        f7d146c83a60920ae4a74d5126221f10c7809234

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        f6b01ab369e0936dd18e77f70d1dadfdcca6a1772a3c237db721c3461a0fe61d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        a8bcedf6b3effac533534432f60ece82f4bddf03636fc02f8b6e6dd50d34f7ee0ee9394b2b8a005b44c62370f557f31a79f5a2475abae386b95247ffc9c69259

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Temp\TCD92DF.tmp\iso690.xsl
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        263KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        ff0e07eff1333cdf9fc2523d323dd654

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        77a1ae0dd8dbc3fee65dd6266f31e2a564d088a4

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        3f925e0cc1542f09de1f99060899eafb0042bb9682507c907173c392115a44b5

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        b4615f995fab87661c2dbe46625aa982215d7bde27cafae221dca76087fe76da4b4a381943436fcac1577cb3d260d0050b32b7b93e3eb07912494429f126bb3d

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Temp\vbhja.rtf
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        816KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        d45b4c5b1ca469f23ecf995a10bf8c8b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        b9bf43bdfeacc40b3951c7751c8d6e4db54587b7

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        371e69b58cce12c345e0daee5d824cd165b2d07730dc56d1142f8ae1dd00aac9

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        38663d29f65926f8cd31798a7d95af66693b836836a0c5bc3d05b334f578e39673b07e8ff8391140cdf84ba24bd08d9df90ebf0c1e34e15eb3ac02afab4327aa

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Microsoft\Office\Recent\index.dat
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        433B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        2399979d8ff18138b147f949934828f1

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        260debe5be261082f081f45207d8319b7b50533d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        d2ef8d2e8438707a12f860c52665804b22b8145e9abaff40e0dc36a5dfb70b14

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        72f6e263bccf709acdaa44a53c3aa0ec978929a63feeb9418f3a1a2a80bf54f07a3d319acf689523a86afebcc7b781980cff8ba662eb03761261e57a2bcfbb6d

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Microsoft\UProof\CUSTOM.DIC
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        2B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        f3b25701fe362ec84616a93a45ce9998

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        d62636d8caec13f04e28442a0a6fa1afeb024bbb

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Microsoft\UProof\CUSTOM.DIC
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        16B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        d29962abc88624befc0135579ae485ec

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        e40a6458296ec6a2427bcb280572d023a9862b31

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        a91a702aab9b8dd722843d3d208a21bcfa6556dfc64e2ded63975de4511eb866

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        4311e87d8d5559248d4174908817a4ddc917bf7378114435cf12da8ccb7a1542c851812afbaf7dc106771bdb2e2d05f52e7d0c50d110fc7fffe4395592492c2f

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        10KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        e38c28c6ba1dbab1a7ec78c6c5adf790

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        10e9a0facbe2f806cac5a699449bf6b00fee3568

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        e676b39f1075d9a266395063954c99bb2ba59400592811cf14b7c9e2ff629525

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        174241b70d125d885b55cbf2dec0501ffb2f4d4f5c23d41afee82757577c6c749ab35ede51bfa49ed3803834fa4903eb282cbf26587330a1da8c43dea027c0b0

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\fb3b0dbfee58fac8.customDestinations-ms
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        2KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        e9f76c1e1e2cfd1ff8909f51ec02e906

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        4a6e5c1bd707e7f02e134c583ac770cafe1233be

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        c326bb9310eb74ddbdec64badbea06b5481d7e811bb033eac6217bbedef90677

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        ee05435f0719c1c920e2e16cd7a45368ece72961a76e7bdeaaaf0215fbaa9dcfad0c319afa1a88bfcc4b304cab96cf8da409b24b001db7d3260706884ee27b1e

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\fb3b0dbfee58fac8.customDestinations-ms
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        1KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        4dadd186b62b9de739b33f98ace35750

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        3cf2d4ff68f7e1b3c4af5f26660e6bb7bfd21d27

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        6e554ee4bd7fe9adef690b289788caa0ac151ea49818bf9bd649d89e29f76ae9

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        f53e640cbebb050437368f35c9815b689e28ba5a74eb108671a0fa05c51f7de8d615242140e08c88e01f4d4a8012aab3d2c2866b8bdebf58231f993c9ac90206

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3mrom4gn.default-release\datareporting\glean\db\data.safe.tmp
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        21KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        e1a341252347ee3e4b718f1633784cd5

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        0da9d9efd3bc6160c92de2acccba1be206465dc0

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        2d36ed57be465b0a1dff97f5d23f1b5b6d8fe6c90e943bf40e109f62e80c881d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        b492a0f761a03c9ebf10489d42fda0d7056b81e1561f360f34ec8c5f94566c628788f71ed7fd6b79cbe38e61e916531e922eba654b0034eb5e4bfdabe46b886b

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3mrom4gn.default-release\datareporting\glean\db\data.safe.tmp
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        22KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        63933bcf2ad97d4ed06c12f0c7bad3e4

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        4645b46d513fab3745c5c8054bc9d9e687f494bd

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        b6c500e95d340c6be8a197a2a6c2b8db563099472ccd379a9dae81ac07950f3a

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        6339528a6f052094362068ee2439ed21414ed5d4b50ec38a31c8deee4cbe9d747c9481e8b1bd0231683d30e99b4d861d6ef58744faae6083e35dfe7238e255dc

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3mrom4gn.default-release\datareporting\glean\pending_pings\92f9df3c-c3d8-439c-962c-c1df6e21ca4b
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        982B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        5cc49aaa41fe2c080859d5b2e800fad8

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        7d30f444e55d132dd9bc15f477c3229acd720550

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        b24510fd9e8293316663c58a89dd02833fb42808a8857231621a46ef60491400

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        8d4526f375cfbd9ac1b89a9406df48612fbe683f337b67963d38a7dbe0897dc8f6dba09e1718578a9d8f7f2db5776e54b33ff1c91226fe2c1f813867ad079a44

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3mrom4gn.default-release\datareporting\glean\pending_pings\c5419ae5-6ec4-439b-8c86-0763704f3221
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        659B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        f07629fd93793476fdf77b26d4c25cc0

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        4b854d00ed06082f49805beaa39f33c9701b8c51

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        a2657f5cdb1981288681488bbef5546b39b382ee2acd741d774c77962c1ded3b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        13c0bba4a71c6828ad161133304f8ca6d8b5672f1078b09ed2e9fb514ffeced95967034eb3096b324b12d59b38bba98532b2d3289aa5d601f5b37ebb22d2c503

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3mrom4gn.default-release\prefs-1.js
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        11KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        695fd3f39cb0ee52b291ffd2172267bc

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        5796bd0972fa2828f88bf30f2235e418e742fd53

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        c292130e122ddc589c3ad027bca6c0966ac44c509eda5b8e6cba210b1fcd1d7a

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        513df000aed15488ea8cbfddf6ae4d03ec61085a51c097041c05fdd5a0aad787599d7779d648dce671b8346f58c3cf3c7ca7bcd6576afc96891c7caf6045e903

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3mrom4gn.default-release\prefs.js
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        8KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        fd4d35bdce3eef99f1a04fd75fd25dc6

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        a5dbca47de80f6a647cc79f398cb074f5655dddb

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        0fac33e9377382417856348e027441934f1804114f363399710c66bc086e8e03

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        fff74351a16621ba0b8ef3c18a39636c4e09a2de6e84cb1c9f2bc744b1e64d5749e0f24f4cedfeb81fb16db71e28b9e9a82c875b3528ee08ceb7d2f551a5397b

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\Downloads\BitcoinMiner.bat
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        262B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        1b95e04dbd98deeabacd15b8cd17d161

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        223280d1efaa506d6910fa8f0e954bf362b2c705

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        76a32e2efb8b97a8c226bcb8bc5b113b4b6fce1077de6513405955bc6d74b169

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        e2be3706491c1cdb9654d0720805dd96536c66f48bd7d8a4d781b5daeebfd22655cdb2d84ea1a1ec5c0d963b0f3982735975f032373c9083986cd1c01d379e70

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\Downloads\BonziKill.txt
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        198B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        d5d9094b24ee344ca83e342175df4750

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        e12568dadb918e941df1a41104e67832f9011c1b

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        c207b0a91f8c340ea9b08f334dcfaaeb5307eecb1bfb01d68cc7b9ad994a037c

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        56375b35df448874cb2f8622de19d2b30cab63aec90a84a746ff6633ed37c30b9575c159306c60b78c32a0f12a92684b1f2bdba95f75e9bcd109b89c2336135d

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\Downloads\Guard.bat
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        138B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        c1730dfbb075b75a1e6fef67a65cddc0

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        5cb5f91c1cbc047838d632986a61ff2ecf265724

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        037fec8b633a9e3df27772d7b483d389974a845a86fbe51c964b3732ecadb106

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        05a189c816d4e62679dac27a0c19924cb2fb7e5c372d4bebd6f1d535b8518c7e3806542faef3a2438b04f6ecbd01bf41cf75ecfc01dfd7c904aaf9aed3857989

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        14KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        19dbec50735b5f2a72d4199c4e184960

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        6fed7732f7cb6f59743795b2ab154a3676f4c822

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        a3d5715a81f2fbeb5f76c88c9c21eeee87142909716472f911ff6950c790c24d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        aa8a6bbb1ec516d5d5acf8be6863a4c6c5d754cee12b3d374c3a6acb393376806edc422f0ffb661c210e5b9485da88521e4a0956a4b7b08a5467cfaacd90591d

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\Downloads\Unconfirmed 888401.crdownload
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        6KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        74f8a282848b8a26ceafe1f438e358e0

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        007b350c49b71b47dfc8dff003980d5f8da32b3a

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        fc94130b45112bdf7fe64713eb807f4958cdcdb758c25605ad9318cd5a8e17ae

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        3f73c734432b7999116452e673d734aa3f5fe9005efa7285c76d28a98b4c5d2620e772f421e030401ad223abbb07c6d0e79b91aa97b7464cb21e3dc0b49c5a81

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\Downloads\metrofax.doc
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        221KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        28e855032f83adbd2d8499af6d2d0e22

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        6b590325e2e465d9762fa5d1877846667268558a

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        b13b29772c29ccb412d6ab360ff38525836fcf0f65be637a7945a83a446dfd5e

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        e401cbd41e044ff7d557f57960d50fb821244eaa97ce1218191d58e0935f6c069e6a0ff4788ed91ead279f36ba4eddfaa08dc3de01082c41dc9c2fc3c4b0ae34

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\Videos\Captures\desktop.ini
                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        190B

                                                                                                                                                                                                                                                                                                                                                                                                                                        MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                        b0d27eaec71f1cd73b015f5ceeb15f9d

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                        62264f8b5c2f5034a1e4143df6e8c787165fbc2f

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                        86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2

                                                                                                                                                                                                                                                                                                                                                                                                                                        SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                        7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download Submit

                                                                                                                                                                                                                                                                                                                                                                                                                                      • memory/1936-752-0x00007FF9C9A70000-0x00007FF9C9A80000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download

                                                                                                                                                                                                                                                                                                                                                                                                                                      • memory/1936-750-0x00007FF9C9A70000-0x00007FF9C9A80000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download

                                                                                                                                                                                                                                                                                                                                                                                                                                      • memory/1936-753-0x00007FF9C9A70000-0x00007FF9C9A80000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download

                                                                                                                                                                                                                                                                                                                                                                                                                                      • memory/1936-751-0x00007FF9C9A70000-0x00007FF9C9A80000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download

                                                                                                                                                                                                                                                                                                                                                                                                                                      • memory/2328-530-0x00007FF9C7A10000-0x00007FF9C7A20000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download

                                                                                                                                                                                                                                                                                                                                                                                                                                      • memory/2328-529-0x00007FF9C7A10000-0x00007FF9C7A20000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download

                                                                                                                                                                                                                                                                                                                                                                                                                                      • memory/2328-524-0x00007FF9C9A70000-0x00007FF9C9A80000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download

                                                                                                                                                                                                                                                                                                                                                                                                                                      • memory/2328-526-0x00007FF9C9A70000-0x00007FF9C9A80000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download

                                                                                                                                                                                                                                                                                                                                                                                                                                      • memory/2328-525-0x00007FF9C9A70000-0x00007FF9C9A80000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download

                                                                                                                                                                                                                                                                                                                                                                                                                                      • memory/2328-527-0x00007FF9C9A70000-0x00007FF9C9A80000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download

                                                                                                                                                                                                                                                                                                                                                                                                                                      • memory/2328-528-0x00007FF9C9A70000-0x00007FF9C9A80000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                                                                                                        Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                        64KB

                                                                                                                                                                                                                                                                                                                                                                                                                                        Download