Overview

overview

6

Static

static

1

URLScan

urlscan

https://twitch.tubst...

windows10-2004-x64

6

Analysis

  • max time kernel
    141s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-07-2024 06:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://twitch.tubston.pl

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 12 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 19 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitch.tubston.pl
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1768
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb038646f8,0x7ffb03864708,0x7ffb03864718
      2⤵
        PID:2908
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
        2⤵
          PID:3628
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1528
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2608 /prefetch:8
          2⤵
            PID:4920
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
            2⤵
              PID:212
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
              2⤵
                PID:836
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3984 /prefetch:1
                2⤵
                  PID:1036
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
                  2⤵
                    PID:536
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4040 /prefetch:8
                    2⤵
                      PID:3608
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4040 /prefetch:8
                      2⤵
                      • Suspicious behavior: EnumeratesProcesses
                      PID:4960
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
                      2⤵
                        PID:3960
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1
                        2⤵
                          PID:4544
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
                          2⤵
                            PID:4624
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3544 /prefetch:1
                            2⤵
                              PID:3588
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
                              2⤵
                                PID:372
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3904 /prefetch:1
                                2⤵
                                  PID:3444
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4252 /prefetch:1
                                  2⤵
                                    PID:4980
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1884 /prefetch:1
                                    2⤵
                                      PID:4748
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1
                                      2⤵
                                        PID:2360
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3604 /prefetch:1
                                        2⤵
                                          PID:4328
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5812 /prefetch:8
                                          2⤵
                                            PID:3660
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4048 /prefetch:8
                                            2⤵
                                            • Modifies registry class
                                            • Suspicious behavior: EnumeratesProcesses
                                            PID:1380
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
                                            2⤵
                                              PID:2044
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1
                                              2⤵
                                                PID:4400
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3964 /prefetch:1
                                                2⤵
                                                  PID:2084
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
                                                  2⤵
                                                    PID:3380
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4864 /prefetch:2
                                                    2⤵
                                                    • Suspicious behavior: EnumeratesProcesses
                                                    PID:1428
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
                                                    2⤵
                                                      PID:4372
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6600 /prefetch:1
                                                      2⤵
                                                        PID:3932
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6748 /prefetch:1
                                                        2⤵
                                                          PID:5068
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6828 /prefetch:1
                                                          2⤵
                                                            PID:3936
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7036 /prefetch:1
                                                            2⤵
                                                              PID:4468
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7252 /prefetch:8
                                                              2⤵
                                                                PID:4140
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8156 /prefetch:1
                                                                2⤵
                                                                  PID:3648
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8184 /prefetch:8
                                                                  2⤵
                                                                    PID:3808
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7216 /prefetch:8
                                                                    2⤵
                                                                      PID:1728
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18198437782882530552,2976312140697793387,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8324 /prefetch:1
                                                                      2⤵
                                                                        PID:5052
                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                      1⤵
                                                                        PID:4100
                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                        1⤵
                                                                          PID:2132
                                                                        • C:\Windows\system32\AUDIODG.EXE
                                                                          C:\Windows\system32\AUDIODG.EXE 0x4d8 0x468
                                                                          1⤵
                                                                          • Suspicious use of AdjustPrivilegeToken
                                                                          PID:1596
                                                                        • C:\Windows\System32\CredentialUIBroker.exe
                                                                          "C:\Windows\System32\CredentialUIBroker.exe" NonAppContainer -Embedding
                                                                          1⤵
                                                                            PID:3456

                                                                          Network

                                                                          MITRE ATT&CK Enterprise v15

                                                                          Replay Monitor

                                                                          Loading Replay Monitor...

                                                                          Downloads

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                            Filesize

                                                                            152B

                                                                            MD5

                                                                            c00b0d6e0f836dfa596c6df9d3b2f8f2

                                                                            SHA1

                                                                            69ad27d9b4502630728f98917f67307e9dd12a30

                                                                            SHA256

                                                                            578481cd359c669455e24983b13723c25584f58925b47283cb580019ef3142b1

                                                                            SHA512

                                                                            0e098ab5f5772fec17880e228a0dccbbaa06dc1af14e0fd827f361599c61899fe07d612a7f7b049ff6661d27fdc495566dd20fc28ceed022b87c212bf00be5da

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                            Filesize

                                                                            152B

                                                                            MD5

                                                                            54f1b76300ce15e44e5cc1a3947f5ca9

                                                                            SHA1

                                                                            c978bfaa6ec6dae05464c6426eaa6cb3c3e2f3b7

                                                                            SHA256

                                                                            43dec5d87b7ee892a3d99cb61f772ba403882ac0772423f36034e84244c1ca24

                                                                            SHA512

                                                                            ac26e5676c675be329eb62b5d5a36a0e6014ab8a6366684b0fc2a59ae5f061f596f462b82eb4e9f135d2235a0cbd4af96680d234eecc873a8397fd81507d277a

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                            Filesize

                                                                            1KB

                                                                            MD5

                                                                            61c0815b9585e9e1cc50860cab80ee94

                                                                            SHA1

                                                                            f8cc8ee3c19ae2872a7b4c6f1cfec1a2565ed580

                                                                            SHA256

                                                                            31dc936108eda72bfe4305beeaf40bfcda9bc23f106cfe9d11f64d5e5607d15f

                                                                            SHA512

                                                                            2a7d59a993c13f0ab2d2c8abb5bae2d8e7a18faf6fb7069f46c056e73a6ba64e6ec7afb148fccaf4385f1e55ec75c368d500ab5a57e76b9573fb115d61252096

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                            Filesize

                                                                            401B

                                                                            MD5

                                                                            c36f6220a61c3cfd2000e5525a4ab119

                                                                            SHA1

                                                                            edc7d77608c224eb8274570782b55eff95cb514d

                                                                            SHA256

                                                                            36207229405fb7dc0c067a1e7e6e86e85eb811e617a3bc4e145ba63dd7901482

                                                                            SHA512

                                                                            a9e8048f905e49f8f3641555ee4e0176a058225904fa754824258758839f2ad521cfbde32457edf35631608f6c7589b68bc3f4847e94f67f4e861a5a48cafa3f

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                            Filesize

                                                                            180B

                                                                            MD5

                                                                            00a455d9d155394bfb4b52258c97c5e5

                                                                            SHA1

                                                                            2761d0c955353e1982a588a3df78f2744cfaa9df

                                                                            SHA256

                                                                            45a13c77403533b12fbeeeb580e1c32400ca17a32e15caa8c8e6a180ece27fed

                                                                            SHA512

                                                                            9553f8553332afbb1b4d5229bbf58aed7a51571ab45cbf01852b36c437811befcbc86f80ec422f222963fa7dabb04b0c9ae72e9d4ff2eeb1e58cde894fbe234f

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                            Filesize

                                                                            5KB

                                                                            MD5

                                                                            81585e5e4980242c0187522ec82ccb5d

                                                                            SHA1

                                                                            57478526a7da26b0937f24d09f2bd04d0c97433d

                                                                            SHA256

                                                                            d91a4207acf517c5cebb8ab2a1634b13014dd6fbfabb008a8f74ef6ff882ef75

                                                                            SHA512

                                                                            049251e89a57a7e5295919d06cdcc597b964621b3ae76343fd725c21463b1ffd77967e3f48cc830b58f21b14d91b3310d706bc57f7eff798f0b3d7509d402c09

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                            Filesize

                                                                            7KB

                                                                            MD5

                                                                            1ea97c8ed5211c8d5cdb3cee33dc914d

                                                                            SHA1

                                                                            d3367f0330b72e7595df3665e475f577d698f477

                                                                            SHA256

                                                                            220564a9b7026aa4f3840771ad04fa23f0bc54ece7e6b3257b2ddfcdf0514559

                                                                            SHA512

                                                                            df3ed70853b2adc16f6ebad555bde44eec36989084f725b0093515290aaca34b2b787f2f56d8eb1e5925efa085b766a90336c61bbcffc04067fc1021526d925b

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                            Filesize

                                                                            8KB

                                                                            MD5

                                                                            abaea7cf1cf68284e3233636468d1225

                                                                            SHA1

                                                                            efc917669690f3669e6e947ced58c351519dac2b

                                                                            SHA256

                                                                            aa77bf78849c09ac7cd6d2d980a130ac406b5a60bb528b07dbd835781bd44a44

                                                                            SHA512

                                                                            c6b6ea232cebdf51013f5e1dcd1272ce10bb5346d9f911b9838b10413101b123cfb233b049d191000124b348329cea85b1a3d4a32637f5886b965e9c3142aff8

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                            Filesize

                                                                            6KB

                                                                            MD5

                                                                            a8bd6fced37949b9b75a8e06124c8d17

                                                                            SHA1

                                                                            bc4b40487038e7729967bedaff3b2fc5733b8e29

                                                                            SHA256

                                                                            32845194c01d349d24abbd81972d730a905bf10df69065db88fb3b6560b98697

                                                                            SHA512

                                                                            c197c0729aa6b454f88857537392a2fd30002104b179fe7f7d5e3a12aca720af9961d8071a8232a461fb6e6c3ab28e5322fcd3646d4a1e77cc0b9c2cec694d3c

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                            Filesize

                                                                            6KB

                                                                            MD5

                                                                            d44ce413b4c687bd0a440e98a7e686b8

                                                                            SHA1

                                                                            81ac39e1fdcc19ce641fad56aa215a8b6a3a7fb7

                                                                            SHA256

                                                                            571558eed2e1b90720513cb359475d0dc2169766a9fee0f2113d243ddeae7635

                                                                            SHA512

                                                                            05ab92e0866c17a3cc15f5dacf1807386bdd8992b70dc6c6b856078c4073a8d35496431fbbb53c814d686482768dfe133c8c71c31999637255e9026f93c8b1d7

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                            Filesize

                                                                            6KB

                                                                            MD5

                                                                            6de2e077878362dd106508d7ebb948bf

                                                                            SHA1

                                                                            1a009a4fe5e4966bc667f98337ff2756a46af57e

                                                                            SHA256

                                                                            fff7dae2f1d25ec0e39742b4923e09c35ef6c412d50a79d6a469b2b1db5cb7d7

                                                                            SHA512

                                                                            8d194eeeb0084f339231575b4e561f5062c0cad7826496b590a2e4132306e19c0a60629a22f5dc82d0c8f4c725f96114c3c4ed6178a7156a163cd66b7f48a9e3

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                            Filesize

                                                                            2KB

                                                                            MD5

                                                                            aa66244ad672fcc3570018f479d8fef3

                                                                            SHA1

                                                                            b007722ffae4be2c2d061325d7f7b78158d5c8fb

                                                                            SHA256

                                                                            59d257391fbd782e7058453f76e2321f7176b0f1001d4cf9689d451d78af5b02

                                                                            SHA512

                                                                            166b2c81907c455356993da71274b15eacbc9ffa7f5c5f14789fc3ae422a631c4542be79cb1ad3389b27ea21b9a2602bdb98b1f8f6b4862a98b49ed5507c5cf1

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe59dcaa.TMP
                                                                            Filesize

                                                                            538B

                                                                            MD5

                                                                            f67486219a33d5d5853322d70f3074b4

                                                                            SHA1

                                                                            0ada79ca9dfaca28a32c747796775f0fc0c1d906

                                                                            SHA256

                                                                            945b8a156bb95cc62ab82815ec9086d9358bd69f9851f26f015801cc4e73af4f

                                                                            SHA512

                                                                            ffab0fdbad8f127c40e1e584f861621469cf3a459f4b12435892cbfc018c225ee832b24cee5893863a496b8f0449d5ddc5289f505bfc87c2ddb74b6599b9b7e7

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                            Filesize

                                                                            16B

                                                                            MD5

                                                                            6752a1d65b201c13b62ea44016eb221f

                                                                            SHA1

                                                                            58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                            SHA256

                                                                            0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                            SHA512

                                                                            9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\c20c851d-c12e-4bb8-a93d-3fb6107e887c.tmp
                                                                            Filesize

                                                                            11KB

                                                                            MD5

                                                                            b173e7cbb5de73d6dc83c8a01c21a96b

                                                                            SHA1

                                                                            2e22189cf4a13b2569653c38df8c1acc5a28440c

                                                                            SHA256

                                                                            07f1eca4710c561200bea75480f7fb1936c2c10e0c9483a93ffe2f0de2daa8af

                                                                            SHA512

                                                                            04145df8dc30027f0db2fc826cea59a856c7cb8985c8a0e17acf839a4cbf579dcd4f04fdd03f926b6c9040ae58427c966101733016c0c50b3d7c98531c41757a

                                                                            Download Submit