hxxps://www[.]roblox[.]com/users/3340343290/profile

Analysis

max time kernel
188s
max time network
193s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
05/08/2024, 16:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.roblox.com/users/3340343290/profile

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

flow	ioc
193	pastebin.com
194	pastebin.com
195	pastebin.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133673476132582463"	chrome.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-656926755-4116854191-210765258-1000\{BF4FC659-3E43-45BF-8A07-619F389FD083}	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-656926755-4116854191-210765258-1000\{DF5406AF-5307-4C99-87A3-60A5C656E566}	msedge.exe

Suspicious behavior: EnumeratesProcesses 23 IoCs

pid	Process
452	msedge.exe
452	msedge.exe
4020	msedge.exe
4020	msedge.exe
4576	identity_helper.exe
4576	identity_helper.exe
4056	msedge.exe
4056	msedge.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
5912	msedge.exe
5912	msedge.exe
1248	msedge.exe
1248	msedge.exe
5104	identity_helper.exe
5104	identity_helper.exe
3620	msedge.exe
3620	msedge.exe
2472	msedge.exe
2472	msedge.exe
2472	msedge.exe
2472	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
4020	msedge.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe
1248	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4020 wrote to memory of 2868	4020	msedge.exe	85
PID 4020 wrote to memory of 2868	4020	msedge.exe	85
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 464	4020	msedge.exe	86
PID 4020 wrote to memory of 452	4020	msedge.exe	87
PID 4020 wrote to memory of 452	4020	msedge.exe	87
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88
PID 4020 wrote to memory of 4532	4020	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.roblox.com/users/3340343290/profile
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbb92746f8,0x7ffbb9274708,0x7ffbb9274718
  2⤵
  PID:2868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
  2⤵
  PID:464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2396 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2532 /prefetch:8
  2⤵
  PID:4532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
  2⤵
  PID:3892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:3912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1
  2⤵
  PID:3060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4232 /prefetch:1
  2⤵
  PID:5012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3768 /prefetch:1
  2⤵
  PID:4844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5216 /prefetch:1
  2⤵
  PID:3512
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5228 /prefetch:8
  2⤵
  PID:5088
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5228 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3624 /prefetch:1
  2⤵
  PID:3916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3532 /prefetch:8
  2⤵
  PID:4940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3552 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:4056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1
  2⤵
  PID:3676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
  2⤵
  PID:1192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1
  2⤵
  PID:2084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1
  2⤵
  PID:776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8350378120144946336,16565853641794639577,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:1
  2⤵
  PID:4392

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1392

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2284

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffbb93bcc40,0x7ffbb93bcc4c,0x7ffbb93bcc58
  2⤵
  PID:4688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1896,i,4986590351128017449,18147403554072591338,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1892 /prefetch:2
  2⤵
  PID:492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2128,i,4986590351128017449,18147403554072591338,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  PID:2316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2272,i,4986590351128017449,18147403554072591338,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2280 /prefetch:8
  2⤵
  PID:3928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3136,i,4986590351128017449,18147403554072591338,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3152 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3176,i,4986590351128017449,18147403554072591338,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:1104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4244,i,4986590351128017449,18147403554072591338,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4520 /prefetch:1
  2⤵
  PID:5432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4724,i,4986590351128017449,18147403554072591338,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4744 /prefetch:8
  2⤵
  PID:5764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4752,i,4986590351128017449,18147403554072591338,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4772 /prefetch:8
  2⤵
  PID:5888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4744,i,4986590351128017449,18147403554072591338,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5052 /prefetch:1
  2⤵
  PID:5948

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:5252

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:5832

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffbb92746f8,0x7ffbb9274708,0x7ffbb9274718
  2⤵
  PID:4532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2024 /prefetch:2
  2⤵
  PID:5896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2412 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8
  2⤵
  PID:5444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:5236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:6024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
  2⤵
  PID:5464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
  2⤵
  PID:5468
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3500 /prefetch:8
  2⤵
  PID:3936
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3500 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3996 /prefetch:1
  2⤵
  PID:5840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1
  2⤵
  PID:2152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4036 /prefetch:1
  2⤵
  PID:2760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3940 /prefetch:1
  2⤵
  PID:1152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:6068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
  2⤵
  PID:1640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5048 /prefetch:8
  2⤵
  PID:5844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5072 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:3620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4076 /prefetch:1
  2⤵
  PID:5840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
  2⤵
  PID:5708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1
  2⤵
  PID:5848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
  2⤵
  PID:5376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
  2⤵
  PID:4848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5908 /prefetch:1
  2⤵
  PID:4028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6376 /prefetch:1
  2⤵
  PID:5236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6628 /prefetch:1
  2⤵
  PID:2096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6576 /prefetch:1
  2⤵
  PID:2728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6592 /prefetch:1
  2⤵
  PID:5024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7204 /prefetch:1
  2⤵
  PID:1724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6780 /prefetch:1
  2⤵
  PID:4296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6956 /prefetch:1
  2⤵
  PID:3084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7736 /prefetch:1
  2⤵
  PID:932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7868 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8048 /prefetch:1
  2⤵
  PID:6104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7708 /prefetch:1
  2⤵
  PID:1628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8196 /prefetch:1
  2⤵
  PID:2428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8296 /prefetch:1
  2⤵
  PID:1524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8304 /prefetch:1
  2⤵
  PID:5644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7316 /prefetch:1
  2⤵
  PID:6004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7408 /prefetch:1
  2⤵
  PID:5548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
  2⤵
  PID:5824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8964 /prefetch:1
  2⤵
  PID:5596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:1
  2⤵
  PID:2404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7312 /prefetch:1
  2⤵
  PID:4188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7540 /prefetch:1
  2⤵
  PID:5560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8172 /prefetch:1
  2⤵
  PID:5880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8624 /prefetch:1
  2⤵
  PID:5764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8008 /prefetch:1
  2⤵
  PID:2200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
  2⤵
  PID:3976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8836 /prefetch:1
  2⤵
  PID:1192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
  2⤵
  PID:3972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
  2⤵
  PID:3744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6592 /prefetch:1
  2⤵
  PID:3408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2896 /prefetch:1
  2⤵
  PID:2624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6756 /prefetch:1
  2⤵
  PID:5088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
  2⤵
  PID:5980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:1
  2⤵
  PID:752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1
  2⤵
  PID:2352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8824 /prefetch:1
  2⤵
  PID:760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8976 /prefetch:1
  2⤵
  PID:556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6680 /prefetch:1
  2⤵
  PID:4140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,7725778634772916953,14872446043958969678,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=9012 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2472

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2560

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2640

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:5420

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
799c73df6f1273be165b6c3517c0da66

SHA1
5e8339c9399f286b882c281d19c90d079398ddb4

SHA256
4661f832fbef2611377b0cef0cd6736521f6a6968a5d0e8267c148b86de2b892

SHA512
4e008dc619ccf1e14e3e58854b52b873838db9273201e7bd94aa8a447479029c0582825f311be21877b9469e1159af6af7842c7b96a53bc7c1fde66bdf47f4d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
fdab844e6392d5f107b94e1af60b78b1

SHA1
8ed50ffdff1d40918bc1f5271d4173bbce8f4abb

SHA256
0e2fadf66a03197653bcc0895256d1c736ef96019e3edfde0a8452b722b1751f

SHA512
3e227a0ab9fdc7268393c5a013b75e98128b0ea27d81cc9de42e90b1218be51ad23103e382987ac012753551ea1dab29c6caab7fcde81860cb85bfccc6bb2f22

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\34556017-65a8-4a97-a716-c8e5d35fc35c.tmp

Filesize
354B

MD5
0db99e9b815475567f50b251cde0b1b7

SHA1
fc1477869b22c6086002e426702212a05d79deca

SHA256
f2625abe84fecf6496b3cebb4af4ba9438c5f3069010a0b3ee144e4260f2cdf1

SHA512
873f1892a977e0985b689010332da8ed65d685b3c9aa57a5b4c7944b8afa37fc5a5fb11b92dc9d180350e7c7cc12ee6f4a055d49a325af19424ba56e63719e80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
33b892da97b1e45b23ae013a4020fc60

SHA1
0e1c45584f39712141bc750d5fe0834ebf69ad4f

SHA256
3042a1e8d92f942bd6f0c4bb7fe5d0eb0b8d9f8758e84df439c963e2a4d01f5c

SHA512
7c9f5c581898bb442a80e037684150f8195fe39dd1cf3d0010ef79b00b9cf92887b105c3d36acb34e21d6553136e6e3c4aaec5ba6d9a040dc3d63ff66e1c142d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
bae8d11a23dfa3b3e0d5e9ba8ead6b7d

SHA1
1efc5285fc7f3b9ac33c290d400423ab17fe754e

SHA256
8f1f4de057aa16abe4ea3ab6f5f1fdc06f550f0470b50eab6a39b14d6f50ef97

SHA512
899014a0b963b2357e456e4edffe88e4c7a3201cafeece0a75a3579446fd483ccae77f3ea014bdb9262fd3d6c69a63b5309a37b45a3b7254b52a8005aa226ad3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
a7b20299ed1f046d0d36d172cfab0121

SHA1
9d6061795e84390b9c3f478f35f40967a8a3b1d1

SHA256
a39e89e7dd8e7d2855728add2be2e5347eaf1951c8062559c89c3a127977ac70

SHA512
b73dfe9eb74da3a9f6d55b3b9af9562000248f7f00ecd6c2659925f963816b9a327839c63a663c28df6b94a4512f0990007cee491b0ce1c660cf5bff3d2a23e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
55a8f8137992020d91ede1b52298eb53

SHA1
97ca23ea8889a7f21d974687966b3ad8debec6f8

SHA256
3e61f6de7372915fef0a17e291a47068f68a72c57a01b8f8157d381592ce9233

SHA512
674e82595fb037a261469385a033a9d243704467cf4eccfd65d4e74e654f14c806898a2872841a9033cc1caf2d6e4c5578bd3b68126199eb245dad5f7d702f45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7ced7ba0aeacca6e7ea99934f97e7def

SHA1
c19efbdd25b0fe24c8153171a6ec4bbf5bb223a1

SHA256
673a7ae9c57838906bec771470f67e9e6ed30af81b459564b583d02d1e06886e

SHA512
c42c9aa3c5ffadbcb1b2e89ecb0da917d5a18aebdc84b54f7c354a859c443bfdbe911602abbcc800495f0f6c82c0ca7773113df09e637b02fb71b457525e303b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
5b3736df353e6fe98da84199ea1e3b3a

SHA1
07de94b4f83743d087a4477d76bb19f494195b0e

SHA256
ea2b0857c5f7266735be672286fbb4e7cd86b23f8b79d42132d14710222ecac7

SHA512
4f1f5b874c5eafb75d1500eef0b0e6f13545437655154dd1231f3cfe8473f6bed774a069fef98fe3cbbe6a37c1aa6d21bf037c003cae0200b8341a4cebfbf44d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
d8474702857931c07c3c5ae58d71d93d

SHA1
dc37f18575d1bb9e70f0451051f3d41a5d939dc0

SHA256
2bbc4cf0605bd1bffbc20398e2a77d3f9070f35b94844c0e58557d6c741c2d36

SHA512
618773cc8fa26410324f2f1b239c77e7ba001af9342b0d5567a83565414592a651cc476e2e168899da7933eb4c64d8d2f96e1da11789cbeba0f42308d8f655d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
d54877da502add5170c94c6e14243828

SHA1
3d433b717a7d503cb4fcc53177257fcee34a6ed0

SHA256
9abbb492f6573dc37adfa904004fe93454a47564913cb9d3526103983b2ba8c6

SHA512
f53e43f69a655832e683f2c73e15c0a67995a9374f0a5f9ee0df92fe33ad1357c1a17ae7e324d64316a613638726a62e76b89c1ed9b07bf1bc98fe98657005d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
eae020212de9e92c4fef17328be57773

SHA1
00c959ab14dcf868d7484e8804bcf50e0a1d0686

SHA256
90a56d154d7bdf5c3e9d940a093e58d308f4996df64db62dae8cf5f4e19db171

SHA512
e5bad0f7fc1459fe9b4be6c703a7aab2eaaea3771faaddfdd1e814eb5060522b3c5bef70d3079089c06ef6c367ab3b7bc2dd681a6672d86f98f0aac536df080a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9e3fc58a8fb86c93d19e1500b873ef6f

SHA1
c6aae5f4e26f5570db5e14bba8d5061867a33b56

SHA256
828f4eacac1c40b790fd70dbb6fa6ba03dcc681171d9b2a6579626d27837b1c4

SHA512
e5e245b56fa82075e060f468a3224cf2ef43f1b6d87f0351a2102d85c7c897e559be4caeaecfdc4059af29fdc674681b61229319dda95cb2ee649b2eb98d313e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
27304926d60324abe74d7a4b571c35ea

SHA1
78b8f92fcaf4a09eaa786bbe33fd1b0222ef29c1

SHA256
7039ad5c2b40f4d97c8c2269f4942be13436d739b2e1f8feb7a0c9f9fdb931de

SHA512
f5b6181d3f432238c7365f64fc8a373299e23ba8178bcc419471916ef8b23e909787c7c0617ab22e4eb90909c02bd7b84f1386fbc61e2bdb5a0eb474175da4bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fc9fa19b1a9107796b09054828755461

SHA1
1f5b4b626dcdd4c7772c76ae34bfe2f3a296444e

SHA256
c0336458ad469ec8d9c2ef0dfc5a0aa3b4a50976cbe3e1e77989c24e3510df9b

SHA512
44b215fbcd11d16c8711704a97c7283b0d10102b020868dbf71cadf8dd9a3bef6b9bb674624d77a5ff80f5d74941aba382d9f1496e44da4600e8d1ad80cf967e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f0bba87b6749d1e02b04f4d0f4afb85b

SHA1
c9bdb939b89f7c4dd0f1b24ac1ce5981f1d3f6c9

SHA256
1021264df35e45cfbf03740d6b1cd53f1b896fa17a7887dab8b5b0e2c34f5916

SHA512
342581aa160c807208797fcfe1b263cae01845d48d7b3ecb4ac2e463af200c6ba61d8a98a61413d4b66aef29f2d30ab88e59bae3ed91eff8cc32e40c1b6cc404

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\068921ba-9761-4f5c-8a42-f835551cf7ec.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\0e0d68ce-fb32-46fc-9a60-0e78a2e5de31.tmp

Filesize
2KB

MD5
4d87025df352405c683933257ea71701

SHA1
82e6527de1b7f93965102fcb5a380eca4b56052d

SHA256
0c2edf9b47f2a30c8b61b1347bfc27ec6f4ed956f24abaeca96ac3f107070af0

SHA512
3fce28781845fc1eb047d3cbbc73030552e87ffb844bc7389bc24e1cd28716a16192118392a5bcd3264a159f58cd5491f63ded571c005a819a8bc3f64d9fd455

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\6c5eeb00-5f20-41ba-9647-63e050f57b80.tmp

Filesize
7KB

MD5
4ae94349de7b292f369d3aa0405bf9bb

SHA1
c09f92bc3a26e0373682810d8c570cb1b48757e9

SHA256
7f487e1b5a331744f45169d4ecec40474b578081691d9138ec62f9e7577a798a

SHA512
34c9a133d39ad0787bdd45cde1fd8e9803138ff088902a4da50b4c7dd1035b694ac39ad7152a6ba6bea82442fd20a551ff8a43ad1b16de453a4c55c5eadaea32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

Filesize
44KB

MD5
0d4bd1a73b1c02fa503846141c32b075

SHA1
3cdacb8894b07d408bfa0d713d73e1e9bf36d2ee

SHA256
d5b6d41627e2ac16851fa31e6b5194be0343c8f3285e95e099cac772d0981311

SHA512
587f7200b451281daa994538d35845236cbf3540617f729795838a8fef9bb71142a6aa29645f027469985ce9762114dbcffb1c6394b478be606ff4a2e52ad0f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

Filesize
264KB

MD5
b69d7ca9429e160d9bb26287335053ca

SHA1
b76b65445f41886df2e29070ef4b3eee5fd8ba2e

SHA256
3a7b5597a3367f0a53ade8f30525a2de8544cb2d87cd7b82d06fdd0ff7749a47

SHA512
9208e3fe1f9355b0c5d1d6241caef8098374b068204c5d20c26a52dfbaeefefe89409d11978d23a58659e27a1c2d57caeca4935b066c276dab66142374474beb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2

Filesize
1.0MB

MD5
fce4826c0e98dd298e65e914ac162970

SHA1
cf96169f1e654d77e5d9c08b8382eecfaf4bb16c

SHA256
e75454c7205a0151a95ba252fc5fc12d7791e608d4f1f514e08269f689ab7376

SHA512
3351f24a787312f7c97adc7bdd42382d11686cbc53ba462a0751db7186ad8448551cd1bdd22eb668007e28446e044170b686b4b0e612b6cc1999864280392df8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3

Filesize
4.0MB

MD5
206a5bc31e375258f1be727569a3f01b

SHA1
ca720ccdafa572e8247e6564956bbaf9346a6ae8

SHA256
d054f9ebfcf7ec47c759aba1c87c0f2c5416ac0dd77aa2e0ac256f9ee4ce65d6

SHA512
f2cf535698afea63d1c3d9a4190a151d1e5fa8785b8160d0ec4ae34eb49136a14d7d49135df6acd8e956daf59d228158256b3ca0be0c2e84d0a85651ac8fde04

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

Filesize
69KB

MD5
24a806fccb1d271a0e884e1897f2c1bc

SHA1
11bde7bb9cc39a5ef1bcddfc526f3083c9f2298a

SHA256
e83f90413d723b682d15972abeaaa71b9cead9b0c25bf8aac88485d4be46fb85

SHA512
33255665affcba0a0ada9cf3712ee237c92433a09cda894d63dd1384349e2159d0fe06fa09cca616668ef8fcbb8d0a73ef381d30702c20aad95fc5e9396101ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

Filesize
41KB

MD5
ed3c7f5755bf251bd20441f4dc65f5bf

SHA1
3919a57831d103837e0cc158182ac10b903942c5

SHA256
55cbb893756192704a23a400bf8f874e29c0feee435f8831af9cbe975d0ef85d

SHA512
c79460ded439678b6ebf2def675cbc5f15068b9ea4b19263439c3cca4fa1083dc278149cde85f551cd2ffc2c77fd1dc193200c683fc1c3cdac254e533df84f06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

Filesize
88KB

MD5
b38fbbd0b5c8e8b4452b33d6f85df7dc

SHA1
386ba241790252df01a6a028b3238de2f995a559

SHA256
b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd

SHA512
546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
1.2MB

MD5
027a77a637cb439865b2008d68867e99

SHA1
ba448ff5be0d69dbe0889237693371f4f0a2425e

SHA256
6f0e8c5ae26abbae3efc6ca213cacaaebd19bf2c7ed88495289a8f40428803dd

SHA512
66f8fbdd68de925148228fe1368d78aa8efa5695a2b4f70ab21a0a4eb2e6e9f0f54ed57708bd9200c2bbe431b9d09e5ca08c3f29a4347aeb65b090790652b5c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000057

Filesize
62KB

MD5
f9f305e10bd8ea1432b9fd1d355ecc90

SHA1
934ce6d59f903d145519d1066bb574c82a25edf9

SHA256
01d35e181e0a373c0fae013280a79616dbb1fc2d2f892b3215c941c098e0c9c6

SHA512
9efb67bfc44f6c31137e0387bac74880f9b93d3645837805ac6ffed7e7fad5be7c3812cd11c9172b767ff4cc258fa140663c33892ba8f28ac2ef7686b3bee0aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a

Filesize
20KB

MD5
6931123c52bee278b00ee54ae99f0ead

SHA1
6907e9544cd8b24f602d0a623cfe32fe9426f81f

SHA256
c54a6c3031bf3472077c716fa942bd683119dc483b7e0181e8a608fa0b309935

SHA512
40221fe98816aa369c45f87dc62e6d91fcdb559d9756cb6a05819f1cde629e23a51803e71371f4e4f27112a09489d58ed45b2b901a5f2f00c69c082b3576057f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
47442f9bdaeabb49eac87d4940f6e5d1

SHA1
736f8e72bfac46357f7f6ab983a49954619614cd

SHA256
720292e69843c38159ff87604a03b89427e9be127cc2a3e3a485104c8675b9c2

SHA512
7ed3b5949f32939b09051fcd393906f3af1d2cb31ba952af9bf965d2a59e68f417cd5efb46bc97b9a7cd5f7699ae806e60c16889cbaa4317cc44cda44c70c9d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
c17361aa43ac0c4dc7062547d46d2bf6

SHA1
5bc24ec86912893b451b1ebd396f543e75d26c15

SHA256
7bac2c8d4e8a770e101e848892e648136b943506f61430bae8daeba3ddbb4d07

SHA512
cf95f0e302a9bef681d4051e0886aff0564c3115ef8c821daeec3dcf7a6edaed7e144b0bddd6db9d80d96ed0a82ad8cff729935c10318ab985b9a295ae18e856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
f25f1833045e4bec8275d1ffded45969

SHA1
f530a1848891443ca38079a75ad5bd0c363639d3

SHA256
a01ca0035482bc30e3c849fd3e190194d5bd12f1f3bd763688b62e33486fc7af

SHA512
e045071af262fa8675623729f0d064277ab8762031ded108e469d1a1d5451d9294a01138d08b04adb14781cd2d4659ec3b541f0e7d1049c583124ea799f3e1fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies

Filesize
20KB

MD5
b369ed03e598af556ea016820b603b14

SHA1
4b0e629d94456925aef705c0158fae1fe730c6de

SHA256
a3da408ed5cc61f2be70988e14d0521c342d398efb23df28f941deccfa6c30c6

SHA512
ffc531a6c3c49f9b8dc58902d1c2f191dfeea0c6dd7b7c43ca1f628a04f0220c3016731b4e20753aaad7b111c64a3a368a2d6a537d6e23c844dd9cc467fbd996

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

Filesize
319B

MD5
6a237cee7c7cd4444295446a7b3a4fd2

SHA1
8c68d41c47bcb84a1570b6ac87167f455e37ec85

SHA256
635c7c208798f263d77de0b809063fe433556b872603c9d1da89fc29ea7c6e84

SHA512
c79c196860e1e395edcfd1156aaa02b91f0ccdd8280d539c916af046495e272546fbbde687e946f6eef7201e43c383a8505cb83b0ec72d8e44d6e743307f784c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

Filesize
28KB

MD5
3a3f9bc1e4c27028722cd4efaf448a39

SHA1
103c73806aef770621ec4de3c2ba5c26a019c01d

SHA256
95f1c1350dc65079fd93bebb3793bfb1f9d543bd321da1dc360c52afc7041f2d

SHA512
f5258fcaa4ca599bdd48ae05f1864c2f7d7110f98a63a0a0e14976ac9217f694638a551d8bd89c43e61d12b7b7d028aad9abe4ad5c7ce29c343e2f332d12c792

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
124KB

MD5
1f74d6e65db7dacaaf9d0ebc8ecc3e09

SHA1
d0c5f52c1d188f22a993e1ceb856398d5ee33007

SHA256
b0e05f63c157e1ce4c659dfa0494fbf719ac7b8808dce1e058c568a6706cc8f7

SHA512
b40e7bc33907967b6d80b435197fbb399a306e1f7002d670d293b43fa0a664909568ea389f6a35f34f361e4258b25593bc7b3add7382bac326b4d9a71e85b327

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

Filesize
1KB

MD5
63dcfb25c38e1a330d8b76df1d492cac

SHA1
e0fd73a062442dab3dc7e8b494f15235bd890fbc

SHA256
4c957de12b716d3b24f7fd348ab2172df40a03b724fd313a3f8b592fc8b2b5d3

SHA512
eaab8c32496130dbbb279251e963733e24a01bad1972ff440a29c9b26a657dd0b22d5f3e8defe21ee72b68387e002e25da8f700ebe6262e1eecae401bba43d2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

Filesize
476B

MD5
91174703a620698d906e93ed10fb5824

SHA1
bf4ab3aee89d2c8d633ebdf5044b0a17b2c26a96

SHA256
29c4738c7e48ad18dbd7105b249e745bff0dd88c87e776ed895e932566aaab7a

SHA512
a6d5406fb321821c99ef0b32bfd5d266990d558fbd574660c841495b23a437f4df3f0167614149fa5bc993eaf28762d0a8c30b862ca0b4b277a7cba0193d92b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
331B

MD5
4b6d99de02fcb7f3459a21deee00415f

SHA1
1150d7a597950c2edcf34087ef466c580aad5ed6

SHA256
4aa63d3e2295347b0bd57b2e8562a2b0bfdb37f63cb06f7250b5750bf369a502

SHA512
af9dde7c3464b9570d306f27ce89f0e08c1fed72964d7696ad10df7465e59f2cfa3bf65c7346c765fc3fe65b117b54a19cc1cc8ac17545b7488af83bc11e5433

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
7KB

MD5
0dc1e0f51078f46f3d921d1353781a22

SHA1
b0e51e47456d276b588409c7d69586448a7d47e5

SHA256
3ea64f4d4c91c872469b503350145a0049fe80359ee250f1bf76843b4e42e29e

SHA512
e1c366af337af7dbc0eac293e676098731682ee4500947acedb6beaa20946adf9d137a364cba23c08b48fcd48e0e092e84bb4df499bae11080ba4ad1fee9c3e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
34df941671c08905eaf9548a7dec6127

SHA1
173235b845dcc259ca0e0f96152b5d182c8c36de

SHA256
bd3a157a78fe5f530d5e789b08fdd85850e14a8c6ea7444ff5678953cc89a30b

SHA512
ab909c12c3be75674ec1ebf4d9be3cc0313dca4b217fc6f71d475348f652405ec53ffcab88ee3b1503d1df377bbff802d84c30a0133c86f9fcec9a846fc5db29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3d6d1b5914ef6c99fb0f9fdbb319aa58

SHA1
bcba1f59d9b346ad0cbd26df3c796e2bb9f7e7aa

SHA256
c7704f4464969b6b88c64d08a851b13e4cda49e71a7be14622d965f8cf2b9562

SHA512
9dc107b4e4abd4f4d986319458af09210473a18026eb4fa960268c8cc31d492bb78f443c520c6d06704fc08e7e01f00059a67290f72345dcc9e16833f7148361

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
60e1b2e73575ba5447c35cca58b56f35

SHA1
c4654b9d051c89e6dd5d7ffa4c14803acc52f2d3

SHA256
223adc15ded9ab895452e53908e024990d0c75ac918bd4624b9c554823bbb6de

SHA512
711219ce80445bdd8cab025b826202b2077b39281f7bbdc9e653328b492be766bb042e316bbeb83b60985b3e3aabb9ade08cc4a2993830385d51eddc392a2e07

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
9e1ab676c3411efa33a121f6e206c4a0

SHA1
d5b602fc72a54ffac6db474dfce91d49a8980c79

SHA256
2f647db04ac883b42b539c68ddb439e137531664a28deacd6274e779ba3b6fac

SHA512
0b7483d3995ca51554954c61641bc631fa963fad30c89f1a66030cccfb06d28589266b0ed473f3ab4d043d6575e585905ef1877bccb8c49a72b03f71fd36e750

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
442bf3fe52ec422033fb0c7c1baab9a5

SHA1
242ade16f485816e8f136ef16640998f6cfe2baa

SHA256
12b49cd81117511c1489e183d272aff9d579279696c8711682a25c996810e9b2

SHA512
694e6abf1fd46fc721dbaf12bc6dd17e0f073c355826bc6af93cfc18693191a14fd725178f7bdc25ffa9b313a86a14912f57a6c353ef6b0e44f1a57a6c03a4ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ce54d9aa3045ad692841d296be17a63f

SHA1
36f279a604ad1c0c13d47f21d8478ce1432f0d41

SHA256
14d0a3cc17dddd1b35192756b78eaa98f3c350f82c415e6f22fcbecbc620a4d7

SHA512
720465e7a9deae7feed050ede5cfda557c4d97f46d4ed24678294ebb38389efb34cefecdb290a9d1612c1e1fd72eae7e024cb3ca44604a8cf0d1bdc3ce085fd5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
71a2d912f9bd49ce9fb184c90a3793c2

SHA1
ee89197e932df9bb2d3de03f9e54f8f8f480fea4

SHA256
0185979756823c848ea3c98ec30f25718ca240891e72ef3d5eca8b560537d35b

SHA512
91c1a896eb639daaa4e553c5b2cc77ceeb0866d417c59613bc92b64e3a5c89f21a67aa1652cb5315ab685b4d3e0fee162e8399410b5197e1651f63f7dd394f14

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

Filesize
388B

MD5
5ebd5fba55ff07a746456769f3cb2716

SHA1
e5fda1d4bc7d6f58b0adf6650406bb22bad23acd

SHA256
2410ed45e70039d21e25c9d28ec5f906fb662b268d377bec38c96f1a0cd59bc8

SHA512
619c34541b0807050fb8646471f5cf58229c4fbfc0fcd9dd129b9813131d07d11dff147ff93bb6d4d26d75b50ff66d2c9201da653b11ce498bca266bad0feded

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

Filesize
319B

MD5
c06adda63cf7f78a37186672c27bbdae

SHA1
50407bed2021f9420f051eabdc97661bffccd691

SHA256
b45593273b7da0c88b79a56bf4a55294da73b2ee1fa6ff850fd6d6b27461da8e

SHA512
8acd55361f98ae47e977ddd39ad8b2cecc1a8b82d2197bfafd61715a2caf418636b52e42423430a37b12cdac767220d58f29a3f7148330afcab650d0b1b7489b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13367347594167934

Filesize
10KB

MD5
20e82b291e4dfbc1b33f0c935796d241

SHA1
416a67815979b6c619b4261070c09aadc9ead7ff

SHA256
778395183cf1c85cd8c29d0d510e723ec8a8d16bad3f60598c19cb66ebbe7632

SHA512
604305fc5c394242e7943df84dede3f77a576576a10f09a6ada717ce98cc10249eca54a09c5f9d7ff861590cf631e1f849248d9578f083d5241be6d535d57e77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

Filesize
184B

MD5
f78cafcc279a047b6527892642db7100

SHA1
272d99a21abf2608136f0d9b5e7bcfc3f2423256

SHA256
15fcdc33c55f13b25a75c6ef63899e5cf542a0b425043c6dac7db08b9bd4af54

SHA512
df014cbad4d3017901c959d85b78d8c98cfbf2f0d3dba653e903c60c323290462e08662e29b5769764f1ea2dce9a4eb77797db6ad4bef51bb1cafdd4e44cadbe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
4561a7257a497bdb2a117f5c954701cf

SHA1
b36493509c09b0d87af991291f7e533e962365b8

SHA256
b0b17d990bdd563718ec6d69a08d3acdae2ac085efb0b9017fec9be5056bfef2

SHA512
286f70389f69a3caa0fd14c9e5fe7d19f27679be1a3e7c86873ee0b901f14e49362d3c313e15e9a482d1fb9c2eee997c6649c939e3d5441ac0d9e49886d2930a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
323B

MD5
d93224232cc5a8908ba1d9479ac16a6c

SHA1
9657746be561df71b88e353a30f0ed713dc3eeac

SHA256
c53156290035ab057dea97c5f194722433d5eb55d9b8b0f7962d65915814b8ca

SHA512
d48c331ef6bc7960c20caf66f08b02d9842004236bd5a6828e33ef32d2351be9d0421e85f1a80d161480492fec5644e2788495b312d5c89f68cd6a74f14074a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
91fb88b81edb043e1e44e45cfb903c0b

SHA1
4500e74b3a12c6068020909a29a618aa337d4c7f

SHA256
1a22be20606fd88090408ef40a18f3ec69877b36d762eb54959ea4bc677e1144

SHA512
762b3eac157cb7b1ae96c3e9690f51f3b10cee93e0c026ac97491b96c888dae07ecf30cee2a1b5bbdfa78cdaadceccd29a613f51504db7fc1bf555e109bb5d9e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
8d5dba39772e6e6c70847e7c8b8d11f6

SHA1
c6b1f6d41a3ddd67c27b7f8d617a063c1edaf78f

SHA256
c9942f62c83a26f4f932e4cc3fae830172a460830ee0789f846c166f264e6478

SHA512
1ef33e7be9a89fa26dffaf88025abdd1cabfde5b489e6a7debdc7ff31a6df35ace7ae1111bed3580282efbe0ba9c37698d859640ff783b4b7f53f7ad26b969c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
a1af2bf81d4e97e892596c1071af4c8c

SHA1
6f7b24552a82ba337ddf6f440502e6c0acffe05f

SHA256
63f5b7ee35c2cba294f19ad512c4d83edfb5167b38180bacb89c35e6b4a3b068

SHA512
c9768cc6194bc77ce02e81ab2682ba8b93eefae34bc7d6298558601150c5fb5609ac9f5280be8bb5f118461f2b10eded634af72b680c0110229f4f26fd5c82e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
16560a43ddebe99295a5ab7d3ec739a9

SHA1
19d1ce83a81413dc1a5c82aba2de40545a2c9f47

SHA256
76feb88b3bb15dbbfab2514fe899988fbb2585d77006d11281aca2ef89177dc0

SHA512
64300bd6fe2851a3dda944d3a8a899a3573d290ed0f3e49983fc0b16214617057e856d21c45eb246a9dc6eaf1b824861ab60cef40308846ad334b4d46600871e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
49da9d249e1f02947fce399121c83a21

SHA1
86249a3544abcb2e58ba6e4f2a0453a5ca85722b

SHA256
5962836c98136048aa216d97eda0fd87432377ebb27174d9f7586460183cb304

SHA512
400c39c5adfa5a9b0476e5074a611a7627a36ed0192d49c803e7cfa77d2887d98ea10f90cfdb06f44522e619a9558fc9c0924c2cc6d8ae761f39bd1b869eabda

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
0151ad60b9a080952bd1ec096e83c968

SHA1
dd1c5704a1a1f716785af5e93c9e33dd6ca5b47a

SHA256
fecf084f3e357396d0af42e40bf2feed9f751ab3554520d7c4250154d64c4055

SHA512
09f022cb0d98996b2cc4d048f98ffd3fbe5778312b8108bfa87ca5d018d8b01664d75ff49d109cc0c8903c3f1c89de05de8f612fe1fa505f37ccc0b5e2fddf74

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
c6d79ef4bfd11bee0b8d616c5bd98a43

SHA1
64d4f90dfb4b2044556213aae30c9575afea618f

SHA256
c132d0e799f035475b24c09ff10a60e67da7e6e076e2cde89ba66b12e3c74008

SHA512
2200c62e0b299c1f55fc44b74cf0d90f50db41aeae58a0cacf8ee91fefdc19205660d2a81191dbf79bd54e157dcc8866f6c3603a6f7f4f4f6054937f7e616db0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581c7c.TMP

Filesize
1KB

MD5
9df2ecb70658598aaafc42054bd50445

SHA1
4f739270f5023882d7b02cf66d89142439344e56

SHA256
29498918208ad9bc5ca1fd1dffafeddc0f18d98a51cbfe94dc3efe0d56b9d7fa

SHA512
2313e04321489bab1883b7cc1e11bbf333d779c946df7bd79de858c5036968296a7ecf522dd9f9103e175303077d46b42ac4ab467ce97f2b737610d0c83116ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
e768a03e6055a0eccd6ed3b53bcf0be1

SHA1
0ac423d0a8abce17f821889d4a9fd35904d0edf2

SHA256
f2ed2201d03d07e44e1412035251bf8d6b15a2751be369658991307004dec875

SHA512
9bb73dc43770b601262e74ba891d51598761d9e628bd817adf8a17b99f99d3ccfe6d01ff1a9b23ca0b48aa355cd0f6aea512c64799bf3044b428fca931901451

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

Filesize
116KB

MD5
6087c3b7bda6483e99592d6b13f9a20f

SHA1
ae6f876dec1bc86475af9f72f3735de6b27b3c69

SHA256
fadc00d00b0dbbaf2b541c45dc4ae9f345c609679ec44983d81be5624ab8158b

SHA512
0a971cc6e103a0381e60f0173bb44cea22dd08c063d2a4dc50e362761da4433fe718d50f7523d8850e10759912812a8295eb98eaf4b4ddf6f26db1b7846eea76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\f2ab4a1f-7144-47ad-8472-779d884793ac.tmp

Filesize
12KB

MD5
0c064fcff44129f361d19e683b741d65

SHA1
a1b966a6ef41ab70dbb98d54e4ce7b3770cd0f7d

SHA256
b30b5e2f325e6bd264a357bba8669b304f97c6fcbeff4e8a51318822a9492675

SHA512
b0d53cecac15c93f9b21c0aec27d7bbb60d927913f6ba6dc994fb0b8a04f677d9276fa5e904bcfdc6f0f5331687e6546066ddc514f4f668e0e5fc3699cb2fb0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

Filesize
72KB

MD5
f0ec76397c714eb8fb8dd7de3788498a

SHA1
b17ba73f505ce2de505d9227821224523feedef1

SHA256
67cab3f40b0578909621d66ce825789eba72b565720a42c76da175be2ac00e0e

SHA512
77150af4845fc7abc008a7bbbd3e385ec229a14f2bc5d0bd829cab7801b4dec418882b6ffb62a1de56cfd4719fc93504a5fb779663be8c229bfaa7663bdca0f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

Filesize
187B

MD5
47a1cedd68ebf4f7807714513c07ec4c

SHA1
d2ff45eab5461088b66a138a2608bc294a454211

SHA256
36a322ec9e4354b5bd59bffa8a5ac4005d2a1eb7fab2a7b3774b2a0cec4bb7ce

SHA512
8c4f65d3c492d523517250e4d6084558a43212c17b6869e9f8fdfba660733aa51f1a47de257a7587064f4c81c4f2a1e5f0d8c825fbd563a1a1b55eccf86309f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

Filesize
319B

MD5
50e9903b2fa1a224d7707782a5a9a048

SHA1
740e8059d6c3e881c40f7d5381c72549d0fa5bd3

SHA256
3885abf7ae5fa624096cab7c93f730292a200e9cfc964c9642e7e123189c9d43

SHA512
d81d860f9866a96bae6adcf4315ab4498b2258b093805efe957ef4eb537fd72f18a840292fce8ee1d49afb529bf5b05ea81670512fbb69497f64130165d76fb9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
565B

MD5
f53bb3a64acf71abae7c3e56cb5e0323

SHA1
efca0f4b5ccacb508d5df462d61d9afba63f6e2f

SHA256
8909c2741408c30f54192448231a37cf02ef6fcf1eb769ab2f461c1e5086953a

SHA512
6ed7d0fef58784dafc20b916f4f60f3cc8aa45ab7b6e0ee6ce6f5cb8d4df860b85823a9e7c245b847f44cb05a0fd2dd9d5a9e4ab1dc4c8986732a97a1285245a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

Filesize
337B

MD5
e5961a9ac2cbc6e82a30e230efccb7d2

SHA1
8b20901bc7726e624ba3ca9941895ca19a69950b

SHA256
f6c7fd8d00b3696fcba413bb03a93a4bf0a001ef8feab719ce3f813b635915ac

SHA512
f2873cd48c78f5111efdf0d4d8a396c84e6770654887c69a8633fafdcee56e809701057947f3c6cc35202cf33c328901b1a1c96ad509d53de48166358577694e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
11B

MD5
838a7b32aefb618130392bc7d006aa2e

SHA1
5159e0f18c9e68f0e75e2239875aa994847b8290

SHA256
ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa

SHA512
9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
3c17829276063a04fe08a8945cf0dae4

SHA1
129ac5be330dc8c0881483ec840f7f19dcc9ef35

SHA256
ed88b93a7be6f1a0c69210c0e593267055010f94bf8f4a619c51e598aaef18d8

SHA512
f9869ee3895fa399903a624048da1c43a99204777b47e636b681d189d6f742f9273f3f50c971209eb208c7e206fae5e26986fb4373cc8a94f4eac4cfe8763e4f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
4ca7067e9929361463f6811b6c377939

SHA1
88f5840257c9f6dd6a448dbdcb8686fcef5354a5

SHA256
65f3273527ba3a8c4c351bd85ab637656f1c96844845e6c9e10320f373fd2182

SHA512
fe292be1f53c95acfba73c45860f4c72d4b34e2096c7158862c1cd414c14a0134cb0ebe0481a16d8cd2e9e0201cd08b4097d9195ee6336b046950d22773b1ebc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
9e459b3262dcc5af8b5d7efffa3aacfd

SHA1
b19564b4e4454f7ca563ad43f8f5cfe414cc4229

SHA256
ec846ab6fbb29f9a7d9117a70b735e7d2442ed0797775d90bf1ec34d7ca3b742

SHA512
d3e05d8f3c365879c5cc6c7592946976a1b16222a74af51d11cd637b148ea618aa26bbb4b6b9158f9af1fd6db1e45fc29c42cb888491dce1e37860a2c371d1ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit