hxxps://hw[.]fgjk4[.]xyz/index[.]html

Analysis

max time kernel
149s
max time network
144s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
23/07/2024, 06:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://hw.fgjk4.xyz/index.html

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 6 IoCs

description	ioc	Process
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File opened for modification	C:\Windows\Debug\ESE.TXT	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000\Software\Microsoft\Internet Explorer\Main	browser_broker.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000\Software\Microsoft\Internet Explorer\Main	MicrosoftEdgeCP.exe

Modifies registry class 64 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-SubSysId = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\DisallowDefaultBrowserPrompt = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active\{9FDCEF30-076D-4C82-82B9-19AE188195F7} = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionLow = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionLow = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\EnablementState = "1"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies\CacheLimit = "1"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\CTLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\CRLs	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\SyncIEFirstTimeFullScan = "1"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\CRLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\Certificates	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames\	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\CTLs	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionHigh = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$http://www.typepad.com/	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Next Rating Prompt = 40bdcd1064f7da01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\Certificates	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\CRLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\OnlineHistory	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\CTLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Explorer\Main	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionHigh = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content\CacheLimit = "256000"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\CTLs	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Revision = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CacheLimit = "1"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe

Suspicious behavior: MapViewOfSection 6 IoCs

pid	Process
2080	MicrosoftEdgeCP.exe
2080	MicrosoftEdgeCP.exe
2080	MicrosoftEdgeCP.exe
2080	MicrosoftEdgeCP.exe
2080	MicrosoftEdgeCP.exe
2080	MicrosoftEdgeCP.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: SeDebugPrivilege	1984	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1984	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1984	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1984	MicrosoftEdgeCP.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
1184	MicrosoftEdge.exe
2080	MicrosoftEdgeCP.exe
1984	MicrosoftEdgeCP.exe
2080	MicrosoftEdgeCP.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 2080 wrote to memory of 4608	2080	MicrosoftEdgeCP.exe	84
PID 2080 wrote to memory of 4608	2080	MicrosoftEdgeCP.exe	84
PID 2080 wrote to memory of 4608	2080	MicrosoftEdgeCP.exe	84
PID 2080 wrote to memory of 4608	2080	MicrosoftEdgeCP.exe	84
PID 2080 wrote to memory of 4608	2080	MicrosoftEdgeCP.exe	84
PID 2080 wrote to memory of 4608	2080	MicrosoftEdgeCP.exe	84

C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "https://hw.fgjk4.xyz/index.html"
1⤵
PID:2856

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:1184

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
- Modifies Internet Explorer settings
PID:3336

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2080

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:1984

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:3308

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:316

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
PID:2088

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:4608

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\OHP8MVFQ\edgecompatviewlist[1].xml

Filesize
74KB

MD5
d4fc49dc14f63895d997fa4940f24378

SHA1
3efb1437a7c5e46034147cbbc8db017c69d02c31

SHA256
853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

SHA512
cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\57QJXHSK\suggestions[1].en-US

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1QJVXDQK\animate[1].css

Filesize
53KB

MD5
71bb9fc1f1b4f12d2c86bae6b025f6ac

SHA1
8ceec941666f5e5551eccd43177e3543d13cdb1f

SHA256
5cf15765525c8f203efd382d8176c81e9bff48161cde349770d5054421d3bc6b

SHA512
5f2221012abaae4924ce494fd68346a634af096411206de0e69396cd3d9d7712e301d7832c8240dabc2260602d7fd3d9056cc609561c0739d0c9291caa737d9c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1QJVXDQK\index[1].htm

Filesize
52KB

MD5
b1c3a7a3f10b858a123cac367171ca21

SHA1
de40e531f9c0380af9d702f34b28d4ab5a9176e9

SHA256
d8adc6e78d46ea420dc2d7e6ce3c9bfcb07ba4c9be91ecdf575fba97baa5676b

SHA512
980e4f605d8dab2f49f3e5cabb8af4ba43c684f746846290937c21ed41786418209c4ed19d8c5f65f3d412138d5161d885e440c8afbb0f46850ad23ec550743d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1QJVXDQK\magnific-popup[1].css

Filesize
5KB

MD5
6f414d3efbe1193494cfab2427f2475f

SHA1
6fac98012b37ad35abed1eb1ea127f2dddc4039b

SHA256
65ab95b0a57d4fa12ccb83a19088bfc1a593c982dc9fe6f1e7ecc1eb8ab313d0

SHA512
d40b7bfffe0bf3ab13bf30843e80eca9a77ff028e096d22f3815c88b90cbed70ed8859265364b649f78d65c3b4bc0ec158a5ec9d8d2961377581400fb383fbed

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1QJVXDQK\owl.carousel.min[1].css

Filesize
2KB

MD5
01fd01cf42100948bfb91ff752f3f413

SHA1
5f7eb1dd841cc14c91790979c9b18fe5ba5ae943

SHA256
8cf343c5c6f29943b53d16d8115d480944db0e1e98c3a3e91c5b01540df0023f

SHA512
98ebcc0d5aaaeccac9bf7ff9314dbc5b61a57fbb538e296a67a72a70edb728bd91525a85a97044e856a07cd2f3f7632d0590285c5b43d5d3004589c385be09e0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1QJVXDQK\owl.theme.default.min[1].css

Filesize
936B

MD5
275048a23c69c24c6bd3316d9a45882e

SHA1
31f27f631d97f8564386f05fa2859683349d5fbc

SHA256
296b3d8e9fa36733999a69d6e630bc6361ea23dada8c98a0e48d34ba7f7d0ed2

SHA512
190cfa9c0a64753edc58dd429e3fc33809327f334ea2afadc4885210ad46e074c26d21d51a9b2bbe2ae9b5b00feb436eeea6f0d3e5e50003c65262d4d8be65e2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1QJVXDQK\uifonts[1].css

Filesize
21KB

MD5
e5bdf3e85d533e2904f2e7e1aa07ab82

SHA1
c336975d67eaa82a25fdc2ca2e0d0e89757a6632

SHA256
b4ade0e02dd7883237937b133a1dd4c9ab589561a91d1ccb52e34c1d0fefa5cf

SHA512
b2601898b55a45fe86d70c5ddb00ebf2807d9c7fc5291487f188509fd05311971a362176aae7cd0c380f6d5ca0d3216c181c4a8dcb4cdce32d2b7ce8d023601f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\J6UP2M1D\1[1].png

Filesize
52KB

MD5
5533ca2c86bd76bf16321851c18751ee

SHA1
acc645536cd686fb54e0d0f2b8145e15ba198bb3

SHA256
e57aee3e4b4dac5eb372372e445f2e98e6aa2b3d526c986ab5a5df648c2bd5e6

SHA512
067e4b9f8d2e28c6a7ab4044a5f8c531d2e2b334bfc6725e812bb36be568d7aca08672c07b3c34809bf34eb09e0c9ce8b1a0655d5cceed36c77ffe8abf9cfb24

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\J6UP2M1D\bootstrap.min[1].css

Filesize
160KB

MD5
1a7b76551f9d39b2663200eb24184d84

SHA1
3c2c3cd389ba862b4b17b9900d3bb10d529a7e97

SHA256
9922ddfe373b91cf593cfca8d9194a81218041c0ee1fde5d2ac970bd079a9b14

SHA512
7a7520e07a74904416a64bcc78915494a72ff4b24f65379019cc0de1a7f06f02ffe7a24e73bff937a89d36362de71e3135fb1dde4d943ac710fbb114083f9e39

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\J6UP2M1D\cn[1].png

Filesize
4KB

MD5
48af3c2106cd27d13a54efe5d93e4256

SHA1
fd2cfed3289f2063c918efab30b71d3b347ef5cd

SHA256
02f3edb4204ff1b74f083557fb8b0481d9e9e8ba99551be78dfb2719d758038f

SHA512
a8530e39a5a1ab236ba58a7dab397d959a064e39f4274eac3ef1bcbc968e44e39dc723f1815aa03924e8873b15702ee4e979b3e46f8b1e6bc337cf597c11f8c5

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\J6UP2M1D\en[1].png

Filesize
4KB

MD5
23e18ff2e593e5d0ba3a1ef7563ff77b

SHA1
4f3c9e051574bde284b00eb3a643ac503091ddea

SHA256
99ed041f8423112c9290af7cd0fa6eb0f7d535f50f1fd3bbd772221ac59be8ad

SHA512
f554ca2f45cab23a8ad24afadd0daf86bd6281e1ac2b5e99daa4a43a49643dcbc7212524c7d393a2b43bead101052917fb485ae5fdecdb6e4dbfbbe64f8cc0c5

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\J6UP2M1D\index[1].js

Filesize
305B

MD5
7f8e649632c1d5f4cfcc3a3dcd93aa3f

SHA1
857be34269cedbef1d436a47606ee3f03402fae7

SHA256
2406ea427608d2affb272b90778faff69561f8a35f612972f43e238f512ed449

SHA512
3a715e23c4858af69a56affef30c71bf8558296296714f2ddc84070bf0e02d10a360ec8290c03f9339890dedb677f4485a6e20df85560ca6bf9828836667caa1

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\J6UP2M1D\logo[1].png

Filesize
18KB

MD5
cb4a6d0b49bb78eafe9f227dfe8cb95b

SHA1
7e281d7ef0af81ccf59bf36ba7691ef06c505ad1

SHA256
0f8e57d5ef53b8d15f3f997abf2caa3892f897f7338b9507fddb85be53f150e3

SHA512
b1c85e0ea047ab41ea2ec6d0f4b85bb4a6cbae8620b6dc8b056ad2980211451a767e10bd134817098356bda156b7552a15821b95924a72a66dab3c106b6100bc

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\J6UP2M1D\responsive[1].css

Filesize
18KB

MD5
9a7fc377d5ee25af81bae1e62cccc917

SHA1
777bbaafe5e957ccea2741a52ab60195d5ab8950

SHA256
abcfd104372f3cc440849bc95a97a4d202f03e7f5e43ec1868332d83fe3f3a9d

SHA512
a10505a1ffbb76d27a476d6e35e66073385b674edafd992f57475933f497c90cb1331066c388b5d1bed0435c91815347085a97980bbaf05d4b6024048bf70674

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\J6UP2M1D\style[1].css

Filesize
112KB

MD5
027eab4bc630514d7753ebc9fb430dd3

SHA1
56a2a93d59603fca48e7ea93fb08afee1375ac05

SHA256
7a3cd911498f21927d9c97b53ef2eb43a45c308823db247994f0f89ea29b3947

SHA512
627d6ec30fc84a8492c13d83293a88acc74dcdb93f512e6126379d9ce3885efab0790b2d8201f7da0ea116303cc47cdd43a36ba40ae5dbce463ed5dbf52c15cf

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\J6UP2M1D\va[1].png

Filesize
3KB

MD5
3fc57c0f79a33ec0dd0e38f2af61df9b

SHA1
5692872e11e138c78b22b891869ca2e6b540cedc

SHA256
09c9293af600a01297993393378b346b3d853e2d10700fa112b1615f58dcc7fb

SHA512
dc9c2e96ba3241b7f16a214d10f4e013c429b74f9c7f624f8cf2c7e7a6566a8e808fa1c3496af91de363b6ed2a361cf83c7c76c663ff8b27a0a034cd6a06cf7a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\J6UP2M1D\validnavs[1].css

Filesize
47KB

MD5
1bdd3899b4dbe201171d428ccc1e67b4

SHA1
4aadfd7f64c742515a0204cbc7fc70b06dea04fa

SHA256
d457686d574452e01701eaab7ef6119c2b63e05a3c913ad19e498cb799645586

SHA512
35c7e1c8d4144720394db16326f2faf980948c35e0586ade9b44bd3babd86289a29194c706e4560d3ac58f3c4daa204e9703ac70e8dbeb9741c70f193de2347a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WC8C72FW\elegant-icons[1].css

Filesize
21KB

MD5
a897ae68d6a3fdf1ff7566ccf19c26a1

SHA1
2706ec7632f9703c351c40150f7d4c7755117d2c

SHA256
b9e9dbcc0648f6b267410e1269a204fddf9af8e33e2b21e89b56edcc9cfb7a62

SHA512
a52b69547218bf7d91c29a6c5f03089be3357d9610c77d8a4d155c1d88f3deb90f99842ae44748f7919dc3b14e053a63d270890e3bff2f0b3a9cbf776eb21e1a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WC8C72FW\flaticon-set[1].css

Filesize
2KB

MD5
1474ed695f92963eb2c60ebfbf6d362d

SHA1
09a9aa56ffb86173fc8f3dbd934b6ab92a6c7630

SHA256
66202e974caccce72e37611f8ac321881468d2ef0a0c602c6a19329315dd5b22

SHA512
1039977d71576777cfddec2a01a056c1b1111aa21dfa59e88e5cc5907e24a977913842bb71cf29e8a4b1d68317d1b84e71749e6a66604aee796b9b4d12983bd3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WQ45COMK\1-2[1].png

Filesize
19KB

MD5
1dfe389ed19827ea44de23a144846a29

SHA1
8e657ebefd3c26eb760ea60d289bb8e76dfd3a5a

SHA256
05fb8e9d25eec4bed82d35a20383ac6f984a848c1b7107e92c8bb820c7c75bcc

SHA512
4477fa8896b447a3c11eb92a16074c152cddfdd98454f5f8dd2938ecd22b7ed85459e5575401af2058a406d32d749cc33e1ddc82b7184c6334547933df3992ca

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WQ45COMK\1[1].png

Filesize
12KB

MD5
574d0c9a348677cbc0e5dd94ed044854

SHA1
84b745ecd504b27fb66004d3bdf7da69e9b63f14

SHA256
7702bf456e77d84469b301c8d3193d8ca64e42b398de2ad18ff6658f98df5153

SHA512
f708b8b483201c58fa00a5a9541a799b0056df077f87c85e392487468798f8aaa49920b71685ca052aafe0113a04dcdd48867ad450dae0b3012c44f9d35e3276

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WQ45COMK\2[1].png

Filesize
11KB

MD5
4b682ead606de6f04bb2b4501dc0d215

SHA1
0c680bf1aa669f0c42e2cd72b75c803425c97efb

SHA256
7d44bf8db0ffeaec4c8b0c96490682274c71f5c07a9cdb1f6100e038e3648b16

SHA512
e634019ff211fc5b882828460351db4876b416035d528e1818dfc78e41606fd769fe7a75036f196eb5801245c831b9a29d333f29107e495f160fadbd533ee298

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WQ45COMK\3[1].png

Filesize
62KB

MD5
b20c5a67596636107941d6aa0d37c3cc

SHA1
cd3e975407c8c5ab3f5702c04307cf6f0465f473

SHA256
cc1fd7ea0e043ca6ed04cbb2cc524a09e9895f7049c3b409da773dafd8d43f43

SHA512
9ad8a5b232cbe09c8327169235f571a164433f4ea853fdb19dd52926782aa0c2ef172cd894451b8086a949aaac6306e8bfef9870250016b1ae634611b76ff2e7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WQ45COMK\4[1].png

Filesize
8KB

MD5
107a0b164209c256bba38480cfe59a0f

SHA1
c60961edeec1184d608de1ac1e33b254d92b2adc

SHA256
fef158b0472c76fc4108932abae4c057c50af029799a4dc623bd3b6278429816

SHA512
db9f41cc9fce44b44552dfd97b30cae9588feca8d9c1a720d862d76e82273d8b9fd7a5878d36f13d173ae8a1a75c1797f8497bc13532b780b1047703869f5a51

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WQ45COMK\5[1].png

Filesize
20KB

MD5
11b196841e75d435d84c44112f43cef2

SHA1
94bf6fe29b4dc81ba4965fbc45644722e9a1b05f

SHA256
4ca364ebe75575f0fb6b1669455606ea3a639ac76f27895eb20759c249cb0763

SHA512
dbe6f626784d8757b7359b9348b12c9b5071a28ad071a95c57e59ca32bc9874907e9b786c9f6d6912f9d56b60dcf5190914cd7ae18f3682a2809e3d63cb3fecf

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WQ45COMK\6[1].png

Filesize
11KB

MD5
d3f9bd3d8366f57c5999e21e9f699564

SHA1
290823ca56505184aeaf202016cff70291df24af

SHA256
af3bb9aaa8b2685437b1e51086f018a1883bf3a98298787d4efc5eb596fbf972

SHA512
faa4ca1fa52c10bdc6300ba1df2b3ae91bcbac9dd9e89d300dfcd7d7c9d5e4a6aa72261305941c648e1046a176247cd44748e587378c733dfd92531862362ba0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WQ45COMK\font-awesome.min[1].css

Filesize
170KB

MD5
f986df3c5abec513f1bc4d88b41dd32f

SHA1
2a471c144d52c9a5fb092c3353d101a31f7bd941

SHA256
1ffaf84e9c116a4dd7ff5b86fef782c85e0965047a1a1c8d2995dad4872feaae

SHA512
ab36e920a9bc219f4c23574826bcb1e256edd9398d42f68373a5bbe31b388723324265f761f25520c93876dd390f90ea508a452cfbaac91966a2ecc7297428fe

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WQ45COMK\p0[1].png

Filesize
45KB

MD5
8e146b9c40726aec0a8aabbb436132d4

SHA1
722464f130b31a8982b20e621f4a817aa7831706

SHA256
80b812121af137888fe9d579bfabe7e05500eb19c4a151b48446db746b11b7e5

SHA512
f71e8176036857c59b49553977e84e27c842c2da11409e853588e09b3ff33c6dabc1df7506df2bcdea00212d38683f0346a75a7ebf75685a285665a32f6f21a8

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\WQ45COMK\themify-icons[1].css

Filesize
13KB

MD5
c7573c6b9979b2e34d3eb9a44f191ca0

SHA1
29308274e31a310b76943636cf283784f651f905

SHA256
4eb53d9c575b362d63d9022cb83ee14a9f63afc98bd597ce40b08f625810ee22

SHA512
039a8aacdad68a0e0a6896fef7fd980482e9a0f7a8dedc4de8fd1ff0c34d79b28a019ceaf8750bf79eef66488f824cadaf9fbc0e9a73c6054375fa30e9771132

Download Submit
memory/1184-16-0x000001C5A6B20000-0x000001C5A6B30000-memory.dmp

Filesize
64KB

Download
memory/1184-0-0x000001C5A6A20000-0x000001C5A6A30000-memory.dmp

Filesize
64KB

Download
memory/1184-35-0x000001C5A3D80000-0x000001C5A3D82000-memory.dmp

Filesize
8KB

Download
memory/1184-183-0x000001C5AEFA0000-0x000001C5AEFA1000-memory.dmp

Filesize
4KB

Download
memory/1184-182-0x000001C5AEF90000-0x000001C5AEF91000-memory.dmp

Filesize
4KB

Download
memory/1984-44-0x000001C9712C0000-0x000001C9713C0000-memory.dmp

Filesize
1024KB

Download
memory/1984-45-0x000001C9712C0000-0x000001C9713C0000-memory.dmp

Filesize
1024KB

Download
memory/1984-43-0x000001C9712C0000-0x000001C9713C0000-memory.dmp

Filesize
1024KB

Download
memory/4608-154-0x0000024DB5D30000-0x0000024DB5D32000-memory.dmp

Filesize
8KB

Download
memory/4608-164-0x0000024DC6D80000-0x0000024DC6D82000-memory.dmp

Filesize
8KB

Download
memory/4608-160-0x0000024DB6700000-0x0000024DB6800000-memory.dmp

Filesize
1024KB

Download
memory/4608-159-0x0000024DB6700000-0x0000024DB6800000-memory.dmp

Filesize
1024KB

Download
memory/4608-158-0x0000024DB6700000-0x0000024DB6800000-memory.dmp

Filesize
1024KB

Download
memory/4608-166-0x0000024DC6DA0000-0x0000024DC6DA2000-memory.dmp

Filesize
8KB

Download
memory/4608-162-0x0000024DC6D60000-0x0000024DC6D62000-memory.dmp

Filesize
8KB

Download
memory/4608-151-0x0000024DB5D00000-0x0000024DB5D02000-memory.dmp

Filesize
8KB

Download
memory/4608-156-0x0000024DB5D50000-0x0000024DB5D52000-memory.dmp

Filesize
8KB

Download