Overview

overview

8

Static

static

1

real.bat

windows10-2004-x64

8

Analysis

  • max time kernel
    1199s
  • max time network
    1197s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-08-2024 03:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    real.bat

  • Size

    1KB

  • MD5

    9310665742ce11663034ef6708932124

  • SHA1

    00c51f35addad2e0ce0b560237b4ec29c77b41ca

  • SHA256

    e7e82e0b485c47363688615dec109804bdcbc5472794ca540b659d55d8027872

  • SHA512

    06b43e90d12947c13083340effc17253541b489b24fe5ce792abed5b9491d8479d0ba84e06b72067b71dbbd032932c7358296d079931e14cbe6bf26d516336b0

Score
8/10
discoveryevasionmotwpersistencephishingprivilege_escalationtrojan

Malware Config

Signatures

  • Downloads MZ/PE file
  • Checks computer location settings 2 TTPs 3 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Event Triggered Execution: Component Object Model Hijacking 1 TTPs

    Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    persistenceprivilege_escalation
  • Executes dropped EXE 34 IoCs
  • Loads dropped DLL 64 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs
    phishingmotw
  • Drops file in Program Files directory 64 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • NSIS installer 2 IoCs
    installer
  • Checks processor information in registry 2 TTPs 6 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies registry class 64 IoCs
  • NTFS ADS 4 IoCs
  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware
  • Suspicious behavior: EnumeratesProcesses 24 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 43 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 33 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\real.bat"
    1⤵
    • Checks computer location settings
    • Modifies registry class
    • Suspicious use of WriteProcessMemory
    PID:2456
    • C:\Windows\system32\where.exe
      where curl
      2⤵
        PID:1844
      • C:\Windows\system32\curl.exe
        curl -L -o "torbrowser-installer.exe" "https://www.torproject.org/dist/torbrowser/13.5.2/tor-browser-windows-x86_64-portable-13.5.2.exe"
        2⤵
          PID:4800
        • C:\Users\Admin\AppData\Local\Temp\torbrowser-installer.exe
          "torbrowser-installer.exe" /SILENT
          2⤵
          • Checks computer location settings
          • Executes dropped EXE
          • Loads dropped DLL
          • Suspicious use of WriteProcessMemory
          PID:1676
          • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
            "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe"
            3⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Suspicious use of WriteProcessMemory
            PID:1456
            • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
              "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe"
              4⤵
              • Checks computer location settings
              • Executes dropped EXE
              • Loads dropped DLL
              • Checks whether UAC is enabled
              • Checks processor information in registry
              • Modifies registry class
              • NTFS ADS
              • Suspicious behavior: GetForegroundWindowSpam
              • Suspicious use of AdjustPrivilegeToken
              • Suspicious use of FindShellTrayWindow
              • Suspicious use of SendNotifyMessage
              • Suspicious use of SetWindowsHookEx
              • Suspicious use of WriteProcessMemory
              PID:4856
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.0.1005287535\229463240" -parentBuildID 20240805090000 -prefsHandle 2472 -prefMapHandle 2508 -prefsLen 19247 -prefMapSize 240456 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {27e07f01-f2ea-44a7-90e8-b036f377591b} 4856 gpu
                5⤵
                • Executes dropped EXE
                • Loads dropped DLL
                PID:4740
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.1.1138905612\302263434" -childID 1 -isForBrowser -prefsHandle 1828 -prefMapHandle 2156 -prefsLen 20081 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {f5c87c2b-6313-4bfb-96a0-eab078b713d0} 4856 tab
                5⤵
                • Executes dropped EXE
                • Loads dropped DLL
                PID:2180
              • C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe" -f "C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor\torrc" DataDirectory "C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor" ClientOnionAuthDir "C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor\onion-auth" --defaults-torrc "C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor\torrc-defaults" GeoIPFile "C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor\geoip" GeoIPv6File "C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor\geoip6" +__ControlPort 127.0.0.1:9151 HashedControlPassword 16:c74208280fd6338860c8386885a2f913491d73700a74ab068b592b843e +__SocksPort "127.0.0.1:9150 ExtendedErrors IPv6Traffic PreferIPv6 KeepAliveIsolateSOCKSAuth" __OwningControllerProcess 4856 DisableNetwork 1
                5⤵
                • Executes dropped EXE
                PID:2960
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.2.1802144211\1183074462" -childID 2 -isForBrowser -prefsHandle 3160 -prefMapHandle 3156 -prefsLen 20897 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {fce5c121-061b-44d7-9943-961b80d03973} 4856 tab
                5⤵
                • Executes dropped EXE
                • Loads dropped DLL
                PID:1836
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.3.2005970759\263330247" -childID 3 -isForBrowser -prefsHandle 3372 -prefMapHandle 3376 -prefsLen 20974 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {fc7ad1e8-749c-4119-910d-a8f660cac67a} 4856 tab
                5⤵
                • Executes dropped EXE
                • Loads dropped DLL
                PID:3396
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.4.443028498\1438635332" -parentBuildID 20240805090000 -prefsHandle 3384 -prefMapHandle 3320 -prefsLen 22918 -prefMapSize 240456 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {7daf34d6-558d-4f89-8d6c-d5e035b905dd} 4856 rdd
                5⤵
                • Executes dropped EXE
                • Loads dropped DLL
                PID:3704
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.5.1924817511\1294639065" -childID 4 -isForBrowser -prefsHandle 4068 -prefMapHandle 4064 -prefsLen 22297 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {09b256cc-acf4-4748-b574-94e56cbe13f5} 4856 tab
                5⤵
                • Executes dropped EXE
                • Loads dropped DLL
                PID:4828
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.6.518566020\549086649" -childID 5 -isForBrowser -prefsHandle 4368 -prefMapHandle 4364 -prefsLen 22297 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {364b877a-800d-4f57-adc7-96cd5558cdba} 4856 tab
                5⤵
                • Executes dropped EXE
                • Loads dropped DLL
                PID:2200
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.7.759780789\1397082458" -childID 6 -isForBrowser -prefsHandle 4584 -prefMapHandle 4580 -prefsLen 22297 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {025bad94-da54-4549-9fc2-de50970cb2f7} 4856 tab
                5⤵
                • Executes dropped EXE
                • Loads dropped DLL
                PID:640
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.8.492797493\1237230813" -childID 7 -isForBrowser -prefsHandle 2700 -prefMapHandle 4136 -prefsLen 23076 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {0a37427d-b725-4238-9cb7-d427b3934420} 4856 tab
                5⤵
                • Executes dropped EXE
                • Loads dropped DLL
                PID:3504
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.9.343549427\495359382" -childID 8 -isForBrowser -prefsHandle 4300 -prefMapHandle 1788 -prefsLen 23275 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {7346d66d-fc65-4dfa-9b0d-2ace537a41e8} 4856 tab
                5⤵
                • Executes dropped EXE
                PID:384
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.10.975592092\168346366" -childID 9 -isForBrowser -prefsHandle 4980 -prefMapHandle 1552 -prefsLen 23275 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {dff2aefc-32ba-455e-9c42-bfca73361958} 4856 tab
                5⤵
                • Executes dropped EXE
                PID:2368
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.11.1701582051\1741887646" -childID 10 -isForBrowser -prefsHandle 4644 -prefMapHandle 4648 -prefsLen 23275 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {38d3a34e-7f45-48e8-a2d3-2f99468aa7e0} 4856 tab
                5⤵
                • Executes dropped EXE
                PID:1324
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.12.1294100487\880140601" -childID 11 -isForBrowser -prefsHandle 1416 -prefMapHandle 1420 -prefsLen 23275 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {7db5f021-a697-4035-8de4-398f1d8a10e9} 4856 tab
                5⤵
                • Executes dropped EXE
                PID:2144
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.13.1527242520\1674730533" -parentBuildID 20240805090000 -sandboxingKind 1 -prefsHandle 4792 -prefMapHandle 3096 -prefsLen 25241 -prefMapSize 240456 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {a1875b27-497b-45be-a686-d1116c775b1f} 4856 utility
                5⤵
                • Executes dropped EXE
                PID:1080
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.14.1589213795\1419735817" -childID 12 -isForBrowser -prefsHandle 4112 -prefMapHandle 4268 -prefsLen 23275 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {090baf1d-d7f9-4d0e-8370-4178428b7bfe} 4856 tab
                5⤵
                • Executes dropped EXE
                PID:4664
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.15.820296760\408950624" -childID 13 -isForBrowser -prefsHandle 4480 -prefMapHandle 4132 -prefsLen 23275 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {d2c78b49-7fe7-479c-b470-e1a216e41be3} 4856 tab
                5⤵
                • Executes dropped EXE
                PID:1412
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.16.706421036\1279894646" -childID 14 -isForBrowser -prefsHandle 5432 -prefMapHandle 5444 -prefsLen 23275 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {ad9db3ca-7de5-4e0d-a0a1-6bbaf257dec3} 4856 tab
                5⤵
                • Executes dropped EXE
                PID:1096
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.17.2000922966\1682833794" -childID 15 -isForBrowser -prefsHandle 5720 -prefMapHandle 5716 -prefsLen 23275 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {8aaa3311-da64-4520-bd66-f31f18f1c034} 4856 tab
                5⤵
                • Executes dropped EXE
                PID:1428
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.18.1174411274\897740979" -childID 16 -isForBrowser -prefsHandle 5412 -prefMapHandle 5668 -prefsLen 23275 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {a7921a99-1b59-40a7-afc3-594d39dd3b28} 4856 tab
                5⤵
                • Executes dropped EXE
                PID:5044
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.19.1749795494\1348137834" -childID 17 -isForBrowser -prefsHandle 1648 -prefMapHandle 4876 -prefsLen 23275 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {1849339e-d29a-45a6-b704-5e670e30250d} 4856 tab
                5⤵
                • Executes dropped EXE
                PID:432
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.20.544813402\1450840972" -childID 18 -isForBrowser -prefsHandle 5568 -prefMapHandle 5468 -prefsLen 23331 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {92ef5942-bacc-4af7-96fd-ffda9a4b6ade} 4856 tab
                5⤵
                • Executes dropped EXE
                PID:4792
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.21.1994259111\2127321395" -childID 19 -isForBrowser -prefsHandle 4256 -prefMapHandle 5660 -prefsLen 23331 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {2194b43b-104b-4525-8436-5e099f2e3224} 4856 tab
                5⤵
                • Executes dropped EXE
                PID:5268
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.22.2001097525\1146118208" -childID 20 -isForBrowser -prefsHandle 1720 -prefMapHandle 4204 -prefsLen 23331 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {1609c678-2f40-40b1-9518-777b2207c544} 4856 tab
                5⤵
                • Executes dropped EXE
                PID:5552
              • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="4856.23.967341415\1767863560" -childID 21 -isForBrowser -prefsHandle 7004 -prefMapHandle 7080 -prefsLen 23331 -prefMapSize 240456 -jsInitHandle 1004 -jsInitLen 240916 -parentBuildID 20240805090000 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {fb651869-d81d-412f-aca4-5471cf35d1e1} 4856 tab
                5⤵
                • Executes dropped EXE
                PID:6440
        • C:\Windows\system32\NOTEPAD.EXE
          "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\links.txt
          2⤵
          • Opens file in notepad (likely ransom note)
          PID:4732
      • C:\Windows\system32\AUDIODG.EXE
        C:\Windows\system32\AUDIODG.EXE 0x300 0x438
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:3888
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
        1⤵
        • Enumerates system info in registry
        • NTFS ADS
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        PID:4384
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb5d4146f8,0x7ffb5d414708,0x7ffb5d414718
          2⤵
            PID:1440
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
            2⤵
              PID:2608
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
              2⤵
              • Suspicious behavior: EnumeratesProcesses
              PID:4168
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2740 /prefetch:8
              2⤵
                PID:4840
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1
                2⤵
                  PID:544
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
                  2⤵
                    PID:4448
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4116 /prefetch:1
                    2⤵
                      PID:5500
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4280 /prefetch:1
                      2⤵
                        PID:5508
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
                        2⤵
                          PID:5692
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3628 /prefetch:1
                          2⤵
                            PID:5940
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5312 /prefetch:8
                            2⤵
                              PID:5240
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4812 /prefetch:8
                              2⤵
                              • Modifies registry class
                              • Suspicious behavior: EnumeratesProcesses
                              PID:5220
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
                              2⤵
                                PID:5564
                              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5452 /prefetch:8
                                2⤵
                                  PID:5928
                                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5452 /prefetch:8
                                  2⤵
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:5224
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
                                  2⤵
                                    PID:5296
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
                                    2⤵
                                      PID:3256
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
                                      2⤵
                                        PID:5768
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
                                        2⤵
                                          PID:5776
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5988 /prefetch:8
                                          2⤵
                                            PID:5404
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6232 /prefetch:1
                                            2⤵
                                              PID:5348
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6620 /prefetch:8
                                              2⤵
                                                PID:4120
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6744 /prefetch:1
                                                2⤵
                                                  PID:6084
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:1
                                                  2⤵
                                                    PID:3256
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
                                                    2⤵
                                                      PID:6416
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2056,18103473718642577245,16162567868465168760,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3592 /prefetch:8
                                                      2⤵
                                                      • Suspicious behavior: EnumeratesProcesses
                                                      PID:6528
                                                    • C:\Users\Admin\Downloads\7z2407-x64.exe
                                                      "C:\Users\Admin\Downloads\7z2407-x64.exe"
                                                      2⤵
                                                      • Executes dropped EXE
                                                      • Drops file in Program Files directory
                                                      • System Location Discovery: System Language Discovery
                                                      • Modifies registry class
                                                      PID:6692
                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                    1⤵
                                                      PID:4360
                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                      1⤵
                                                        PID:5208
                                                      • C:\Windows\System32\rundll32.exe
                                                        C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                        1⤵
                                                          PID:1232
                                                        • C:\Program Files\7-Zip\7zFM.exe
                                                          "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\ic358sgybt.part2.rar"
                                                          1⤵
                                                          • Executes dropped EXE
                                                          • Suspicious use of AdjustPrivilegeToken
                                                          • Suspicious use of FindShellTrayWindow
                                                          PID:6064
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                                          1⤵
                                                          • Enumerates system info in registry
                                                          • NTFS ADS
                                                          • Suspicious behavior: EnumeratesProcesses
                                                          • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                          • Suspicious use of FindShellTrayWindow
                                                          • Suspicious use of SendNotifyMessage
                                                          PID:5388
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb5d4146f8,0x7ffb5d414708,0x7ffb5d414718
                                                            2⤵
                                                              PID:4900
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
                                                              2⤵
                                                                PID:4144
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3
                                                                2⤵
                                                                • Suspicious behavior: EnumeratesProcesses
                                                                PID:6776
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2848 /prefetch:8
                                                                2⤵
                                                                  PID:2188
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
                                                                  2⤵
                                                                    PID:3776
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
                                                                    2⤵
                                                                      PID:6072
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4368 /prefetch:1
                                                                      2⤵
                                                                        PID:6752
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4528 /prefetch:1
                                                                        2⤵
                                                                          PID:6792
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5544 /prefetch:8
                                                                          2⤵
                                                                            PID:4528
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5544 /prefetch:8
                                                                            2⤵
                                                                            • Suspicious behavior: EnumeratesProcesses
                                                                            PID:5340
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
                                                                            2⤵
                                                                              PID:5196
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5180 /prefetch:8
                                                                              2⤵
                                                                                PID:6184
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5152 /prefetch:8
                                                                                2⤵
                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                PID:5392
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3728 /prefetch:1
                                                                                2⤵
                                                                                  PID:5420
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4260 /prefetch:1
                                                                                  2⤵
                                                                                    PID:4508
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
                                                                                    2⤵
                                                                                      PID:6664
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2968 /prefetch:1
                                                                                      2⤵
                                                                                        PID:6340
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1
                                                                                        2⤵
                                                                                          PID:4596
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
                                                                                          2⤵
                                                                                            PID:1296
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5216 /prefetch:1
                                                                                            2⤵
                                                                                              PID:3224
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1
                                                                                              2⤵
                                                                                                PID:3284
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7004 /prefetch:1
                                                                                                2⤵
                                                                                                  PID:6300
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3800 /prefetch:1
                                                                                                  2⤵
                                                                                                    PID:6136
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
                                                                                                    2⤵
                                                                                                      PID:5528
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6668 /prefetch:1
                                                                                                      2⤵
                                                                                                        PID:5512
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7356 /prefetch:1
                                                                                                        2⤵
                                                                                                          PID:2804
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7368 /prefetch:1
                                                                                                          2⤵
                                                                                                            PID:6400
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8008 /prefetch:1
                                                                                                            2⤵
                                                                                                              PID:5868
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7960 /prefetch:1
                                                                                                              2⤵
                                                                                                                PID:6024
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8296 /prefetch:1
                                                                                                                2⤵
                                                                                                                  PID:2556
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8300 /prefetch:1
                                                                                                                  2⤵
                                                                                                                    PID:6332
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8676 /prefetch:1
                                                                                                                    2⤵
                                                                                                                      PID:6872
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8108 /prefetch:1
                                                                                                                      2⤵
                                                                                                                        PID:1060
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7044 /prefetch:1
                                                                                                                        2⤵
                                                                                                                          PID:7204
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7072 /prefetch:1
                                                                                                                          2⤵
                                                                                                                            PID:7212
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2736 /prefetch:1
                                                                                                                            2⤵
                                                                                                                              PID:8036
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2276 /prefetch:1
                                                                                                                              2⤵
                                                                                                                                PID:8044
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
                                                                                                                                2⤵
                                                                                                                                  PID:6408
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8220 /prefetch:1
                                                                                                                                  2⤵
                                                                                                                                    PID:3888
                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9384 /prefetch:1
                                                                                                                                    2⤵
                                                                                                                                      PID:7840
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
                                                                                                                                      2⤵
                                                                                                                                        PID:5492
                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6632 /prefetch:1
                                                                                                                                        2⤵
                                                                                                                                          PID:5972
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2680 /prefetch:1
                                                                                                                                          2⤵
                                                                                                                                            PID:5460
                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1
                                                                                                                                            2⤵
                                                                                                                                              PID:7472
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7384 /prefetch:1
                                                                                                                                              2⤵
                                                                                                                                                PID:6280
                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6756 /prefetch:1
                                                                                                                                                2⤵
                                                                                                                                                  PID:8012
                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1
                                                                                                                                                  2⤵
                                                                                                                                                    PID:8044
                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8468 /prefetch:1
                                                                                                                                                    2⤵
                                                                                                                                                      PID:1352
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8120 /prefetch:1
                                                                                                                                                      2⤵
                                                                                                                                                        PID:7532
                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9404 /prefetch:1
                                                                                                                                                        2⤵
                                                                                                                                                          PID:3356
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2284 /prefetch:1
                                                                                                                                                          2⤵
                                                                                                                                                            PID:6040
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8172 /prefetch:1
                                                                                                                                                            2⤵
                                                                                                                                                              PID:6016
                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8176 /prefetch:1
                                                                                                                                                              2⤵
                                                                                                                                                                PID:6032
                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9344 /prefetch:1
                                                                                                                                                                2⤵
                                                                                                                                                                  PID:6992
                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8372 /prefetch:1
                                                                                                                                                                  2⤵
                                                                                                                                                                    PID:6528
                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
                                                                                                                                                                    2⤵
                                                                                                                                                                      PID:6352
                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8636 /prefetch:1
                                                                                                                                                                      2⤵
                                                                                                                                                                        PID:3188
                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
                                                                                                                                                                        2⤵
                                                                                                                                                                          PID:5128
                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9212 /prefetch:1
                                                                                                                                                                          2⤵
                                                                                                                                                                            PID:4200
                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5736 /prefetch:8
                                                                                                                                                                            2⤵
                                                                                                                                                                              PID:4836
                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3576 /prefetch:1
                                                                                                                                                                              2⤵
                                                                                                                                                                                PID:4040
                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8204 /prefetch:8
                                                                                                                                                                                2⤵
                                                                                                                                                                                  PID:3240
                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7376 /prefetch:8
                                                                                                                                                                                  2⤵
                                                                                                                                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                  PID:7476
                                                                                                                                                                                • C:\Users\Admin\Downloads\rpc420_setup.exe
                                                                                                                                                                                  "C:\Users\Admin\Downloads\rpc420_setup.exe"
                                                                                                                                                                                  2⤵
                                                                                                                                                                                  • Executes dropped EXE
                                                                                                                                                                                  • Drops file in Program Files directory
                                                                                                                                                                                  • System Location Discovery: System Language Discovery
                                                                                                                                                                                  • Modifies registry class
                                                                                                                                                                                  • Suspicious behavior: GetForegroundWindowSpam
                                                                                                                                                                                  PID:7884
                                                                                                                                                                                  • C:\Program Files (x86)\RAR Password Cracker\rpc.exe
                                                                                                                                                                                    "C:\Program Files (x86)\RAR Password Cracker\rpc.exe"
                                                                                                                                                                                    3⤵
                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                    • System Location Discovery: System Language Discovery
                                                                                                                                                                                    • Modifies registry class
                                                                                                                                                                                    • Suspicious behavior: GetForegroundWindowSpam
                                                                                                                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                    PID:7272
                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1948,16096904855931420088,11332125136547436628,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=9376 /prefetch:2
                                                                                                                                                                                  2⤵
                                                                                                                                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                  PID:6800
                                                                                                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                1⤵
                                                                                                                                                                                  PID:2804
                                                                                                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                  1⤵
                                                                                                                                                                                    PID:5768
                                                                                                                                                                                  • C:\Windows\system32\AUDIODG.EXE
                                                                                                                                                                                    C:\Windows\system32\AUDIODG.EXE 0x300 0x438
                                                                                                                                                                                    1⤵
                                                                                                                                                                                      PID:2176
                                                                                                                                                                                    • C:\Windows\system32\OpenWith.exe
                                                                                                                                                                                      C:\Windows\system32\OpenWith.exe -Embedding
                                                                                                                                                                                      1⤵
                                                                                                                                                                                      • Suspicious behavior: GetForegroundWindowSpam
                                                                                                                                                                                      • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                      PID:7460
                                                                                                                                                                                    • C:\Program Files\7-Zip\7zG.exe
                                                                                                                                                                                      "C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\ic358sgybt.part2\" -spe -an -ai#7zMap25423:94:7zEvent15306
                                                                                                                                                                                      1⤵
                                                                                                                                                                                      • Executes dropped EXE
                                                                                                                                                                                      • Suspicious behavior: GetForegroundWindowSpam
                                                                                                                                                                                      • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                      PID:7864
                                                                                                                                                                                    • C:\Windows\system32\OpenWith.exe
                                                                                                                                                                                      C:\Windows\system32\OpenWith.exe -Embedding
                                                                                                                                                                                      1⤵
                                                                                                                                                                                      • Modifies registry class
                                                                                                                                                                                      • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                      PID:7248
                                                                                                                                                                                    • C:\Program Files\7-Zip\7zG.exe
                                                                                                                                                                                      "C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\ic358sgybt.part2\" -ad -an -ai#7zMap7085:94:7zEvent8935
                                                                                                                                                                                      1⤵
                                                                                                                                                                                      • Executes dropped EXE
                                                                                                                                                                                      • Suspicious behavior: GetForegroundWindowSpam
                                                                                                                                                                                      • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                      PID:7584

                                                                                                                                                                                    Network

                                                                                                                                                                                    MITRE ATT&CK Enterprise v15

                                                                                                                                                                                    Replay Monitor

                                                                                                                                                                                    Loading Replay Monitor...

                                                                                                                                                                                    Downloads

                                                                                                                                                                                    • C:\Program Files (x86)\RAR Password Cracker\rpc.exe
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      181KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      8af456c2da331d28b39b0e53f9285ae7

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      3bc442df1eba00e7af55664c07e77edc732909d6

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      d98dbb37495f1e6edcd28657943bb84bbada331a1ae1c8fe966db356f6095c0d

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      92c475ff061166e336493677be6754dd29d68304c633af01459c6ba458cfaa49644df4d739782816d51ab2315d959655be58da55d31b18d443bfc9d548d4ac0e

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      152B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      2783c40400a8912a79cfd383da731086

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      001a131fe399c30973089e18358818090ca81789

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      331fa67da5f67bbb42794c3aeab8f7819f35347460ffb352ccc914e0373a22c5

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      b7c7d3aa966ad39a86aae02479649d74dcbf29d9cb3a7ff8b9b2354ea60704da55f5c0df803fd0a7191170a8e72fdd5eacfa1a739d7a74e390a7b74bdced1685

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      152B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      ff63763eedb406987ced076e36ec9acf

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      16365aa97cd1a115412f8ae436d5d4e9be5f7b5d

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      8f460e8b7a67f0c65b7248961a7c71146c9e7a19772b193972b486dbf05b8e4c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      ce90336169c8b2de249d4faea2519bf7c3df48ae9d77cdf471dd5dbd8e8542d47d9348080a098074aa63c255890850ee3b80ddb8eef8384919fdca3bb9371d9f

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      152B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      8fd247b241aab984bbf7ad44abef4fe9

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      653a0985cbd517273d33f836e66fd475f3f51c38

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      1b897c5cff5f1a088f059676d3d029f247a01818c7ddf1c29056d078bf63726c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      d51a2eb4251b9bcd881d514ccf7d4df13c99948e0f3ec8a3375b8a4c27f225e4165fb219340fedc6dafd79024f74400f9407d8fd6200e40877caee6fc8803488

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      16KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      bd17d16b6e95e4eb8911300c70d546f7

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      847036a00e4e390b67f5c22bf7b531179be344d7

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      9f9613a0569536593e3e2f944d220ce9c0f3b5cab393b2785a12d2354227c352

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      f9647d2d7452ce30cf100aeb753e32203a18a1aaef7b45a4bc558397b2a38f63bfcfe174e26300317b7df176155ae4ebaee6bdf0d4289061860eff68236fe1bb

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      17KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      67e30bbc30fa4e58ef6c33781b4e835c

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      18125beb2b3f1a747f39ed999ff0edd5a52980ee

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      1572e2beb45d2de9d63a7e7fe03c307d175b2b232bad2e763623dceb747729ba

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      271d4a65d25b0a5d2ff2fe8f3925fc165d9b4345893abfd919061d78ffc5ffe8890ded35e41274ad8b860f06264b027cfea6030ec9411a4e03bc6d7cb4d4d228

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      19KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      1f28801aaa01f8c1cc2f87e66344e8ad

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      366e6a11383b097ddbbd560b967074f1b0dc4f8f

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      0b110f0ac15be93f4bb2272d6c0bf858d4b1fb555663924d19f39a4525b88a52

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      0160a192703bf11d0ef36f1d74cff79890befb6e4dc83ba77335eba8d1167eb395feb671f54a45bf7789eec6544c35e24891b6d9132d88879b01d35d5acba0cb

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      104KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      7651b1187bb58ac4c7be625337b35e5b

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      307d969ef4137a66fe2793737dc1c546587c7f43

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      0632850d01a46bc2f8c223155a4bf6c398b33596bb711e098440623f118c3968

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      a81d2f768af155bdc642941404e7ddf95a2cea33c9374acb5fe32f6f5266e337fbef32f904551f61fcc9f9ab5a1c6a5ad130ab85b38bc2258e2f82c0ca1e9c7a

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      31KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      4bb09ae619489b41b17164fc6385d7a9

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      cba44e5dbada1c792fcf03c78c8cfb9d631352c4

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      d85b3f721bdf84b6aafdc608f0ffd9e355ae905611fa3c2012e09bda206d28e1

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      a8caa53055e21c5752b422750ec6c512fb784381a3221d4d00bf5a7c5650a60bd81300d0fce2082f9f5fc202d012c116420c1e56c3643d43976d3016d8cf752b

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      134KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      995521ebc6046eb81abe5b11ca7cac34

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      b51a55a9713a6f807bdf1d582282379810ac356f

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      584ed40ca6807143a110978542d9bed685fd4742836df808794aeecca6f274a2

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      32290453dcabc9c40b8e0fd6917e3038985d6ad2731acffb6945e06354575026541fe5e9f6ded94c4f2f0fc373dc092ec997d59c596b3b77bbf2a2437b979b96

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      20KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      55f8bcce0b3342ec2603af09814a07b4

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      fdeb208cc8f795ab50d846336bdf64260a4bbc1a

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      41670220d00bef927cc16aea6c521fe04f2efdff1315655f65f5105e0885aa41

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      d4324aaf4cfe5b57dca3933c41cb83ebc3dac571f0bf642f3be5aa8d119b28120875323362a1e4b4fc722ed9cb9c317865d91748a15539e7b20204a2747d6e3b

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      27KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      46e6043b3a70e5986f0b72a748d9e3e2

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      5d3ac460401a49fb84286e0f8b9edf6167530fa6

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      171b12a8c0900d5f0d9e700eb668c02f167ad6f7adce4b9c36201ee10aeae005

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      c0f875ed0d9e05a7439ac9d160edf59ed3b1b384b87dca5b75de3ba11a47a94d543f108ee60aaf421c965c0635408003535795e0f6601afdef4010d982724385

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      20KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      6931123c52bee278b00ee54ae99f0ead

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      6907e9544cd8b24f602d0a623cfe32fe9426f81f

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      c54a6c3031bf3472077c716fa942bd683119dc483b7e0181e8a608fa0b309935

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      40221fe98816aa369c45f87dc62e6d91fcdb559d9756cb6a05819f1cde629e23a51803e71371f4e4f27112a09489d58ed45b2b901a5f2f00c69c082b3576057f

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      62KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      0800f316866f3b20e5443bf0b6c133a2

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      0c26d720ec1078b683068d5586b3a204ec118bba

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      8bf6fdda34cb70a0e5abb753af6440a64d37ed2fee81ab1d9c478f7d77aff84e

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      84d9961ef0b3890094c0809750708d57ab23a9e21f76fbddae37fe04443b44c693dd087e51ed06e5ea2900f1fa7f2bda76f8991d3f8396dacfaf923438e48d75

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      251KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      f33894058aa0e0e8d236c19204dc498b

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      377804bf56c549a3d65d51fd36a814a64d3208c2

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      2f8037c1bc35fe1211b2db6bf51f97c009f1c6e4958fb4df2ae07169abc5e71b

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      6afbda25283dbc677c1f6f5c5060ecea772712fdc034454910a2a7ec2002866e4c7e19d727f317cc9c24338050f2cdbf6c56082f7644079f3b7aa4a5b3ed3aa7

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      16KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      9c6b5ce6b3452e98573e6409c34dd73c

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      de607fadef62e36945a409a838eb8fc36d819b42

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\58a7798e8b9ebcd4_0
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      228B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      59a94603abe16a35df9a384a23a20ed1

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      e6fa601ec2b704e83c2cc10d43a30dbfbf769dab

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      012510f11fbe6ae8d4e3914ec80c16bf12a704a0c69cfd121290f0506fecc091

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      8f4e2bd4059cc0eca80d26780528efc60c31db7ad4d355deaadee853f316ea0e2ce579eb8bec118ea1225948771e115ed3edc05b6ab7e72e9e333437157940c0

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cb8aa1d6e4ecf0e1_0
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      31KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      003178b98dd9eff86b2266b61d85db70

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      31d3493e3e8c29100caeff0bdb0efcf4538c1bee

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      82c84a3db6235978f5891341e685a85faf69df5db70e996f8af9a33acd82ec02

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      17e5489abb9a8a26fe487828696ab6c0c8029e52b433e812e6fe1a753a178b6829efd479665ff72ac12d0c700556dd55ad7dfbeaee2c8ef21bd393f55852820d

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      3KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      49653f4d323eddbdc2b92c31409a2dfe

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      1c4906a0f21835bb59808e69ea0ac25261a7606e

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      133138edf1fdd8c9094c7ec15e6358275db5131dba8c88bada5cb522c4827d59

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      1d0e6009939d437810422386f13264af71547c2ab990a31cdf276a488c199e1e0881a470cfcfbf051c396b416521c0ad050b7060bed3ac7979f05f4d59678739

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      1KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      aaf1a90902f1b50a2dbebdfa72180b8d

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      d1093c9920f17af163de31e6ac786316e7045352

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      373b554cb52f34ea2eb5e6cacf85b5e4f7eeda893011775c980b2fe20c705cbf

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      23437d991fc2a5fdec977be27061173d95aecf75a3417c429e45f7f53a9b3a9ac267ac25de1cb377e2d422e440b2113242941014c4694b8b9419af1c869e5e06

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      4KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      b4419d01b7d014f87e3fe2558a364615

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      e281562011e274e74b79d93915f14a7f6d35b840

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      e7bec125a257ebacc5ef2aa12b9fae88de89999d26f4066a325745a818ff064d

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      a8682ddb7ba44d9e097729232f123dadb3c3239dc61861288f5ff42d4420998f1fdb771446afb64d3d6a01c1a4827b5b13a32ec53fed575f6098cfb093d9ee17

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      17KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      2c734734a17ffb26a3a165a95cbae8f4

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      4f3f221bd5f428c44ef6066def593efa3847cd73

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      b303fdc554fcbcb708ac0cdd7be9b428cb5719e932bdc9a093c0854e8d4c57b2

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      c9f68b6ff6a29ba60392a3117d13280167246f8986fffaccf4660ce77cbd3171b312b7fc2bd75abccf829199fe81a279b541db59d7e69c1c489484210ccc638c

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      482B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      c396b4127f4590830fb12e6e5dc39fc6

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      e8ae2d2cce86d5078b9cb90d3b66f31bf980bde5

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      038ceeaf5f7d0e15f88bd73e6598173a32f250f8c9a0ffa3205af933d6e34e5a

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      254a391629b16fe99bb4a1a7ed4ca5bfd6ea691a484904412ac4ee7df9c3a5a24effde59f838ace05809c8ab749ddd9827c45115d94345c0913ac4965c0ca128

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      18KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      16818ce143967e2038e7719b718656c7

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      463f33c77f2414d4bd373df8699bc6c8271a367f

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      6e973ae0c55e78c2cfa0819426e3997bdb789e10fcfe35eb76fbe0cec529160a

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      412ae0da8178a15120bc1f25bf9eeaea3d7b1d3ae2241a2da394c1fe523d20a48ed86d1fb102caff1342657641dfcaafc95e864fada89d51cf5ce807dced4a74

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      6KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      f754f13a9e702ebdc8a55d992c423710

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      46e75b408a489bafd77bffbf67827ee7d67be740

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      063a361b3b9df0479b5bb9bbbeecfd92523d4b6e3ea8323104b0ed27d23286de

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      c7f86957ac254571bf6bd2a612f1ebe9f36ff8f5474a4c325ad97cab2e3363734f7bf31f525820c1d1005ce96b31c27beb95f3c02c8aeb8e89553856eb11db51

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      7KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      6eee191867752d872afa1add3724f554

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      96d8c0a4c8952d3d9182a46e1c9c9726e9e7dff6

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      f262d938ad044f2cdd55766e586d89093c524255818cf9d55a0ebeef1b1aa316

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      89e65b6e5457f4f9679ea981558994731e8e4f2645c1cbf15ea1941200e2b61d30743c09f84908666f4ae61fc5e5e99580ce7bd0ef365fb9008847f9b5190259

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      7KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      ef43ebeb10819c231071f49c81dbd4f4

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      79219e9d3e771d82c7df80176dd1c2821442c8a2

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      7030a52fca23060ac135ca7d95a684204936f043429d65c89ff92db91357215b

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      85dbe0629f3bb2f1844e8acf3210778010db8a4d48120e47527e0a5424f84fc29f7fcd7514a4a955cd352d85032860fb03c617247362d3b235215b049f1ae94b

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      16KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      cb06f7f616236ddf152a65e052f77289

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      817770736b872f9249ccb00de094f9ceed7dce5f

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      7bcec69a01381de54659615613c29f680aa5433412a2847e7f6f23cd93fd77df

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      9af598c5dbdb53faa9facda9028efb3aa235d44f63d2e3652060ab7ef3ee478dda9aaa8c6120b288f9fa21cdc5a6fdfe12a55ab4e0113b2fec5916e35ada9370

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      16KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      479ee55b57b63b0657d99f05f0c4cc80

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      75d8673ce8ce18eb2dc831164d71def63edfdd7f

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      945bba166df6faaeea7ae8ae0ff62f77a39451e80882d92a97c79d673250d378

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      bea77325bb290261ca8c4c88b888b8dfb8b19fe74ea88a5ab64cd228a3eb4ed1821211468042c5b3ee93e6b91f0b906bafe7faf0d44c96c450f8b41cca3336f2

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      6KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      07247cdeaae2a01e889c1cf78ff0b54b

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      fa0797ce7d49a2493dc3753af5ba0e170b75fbc1

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      b9b027d90ad394cfb84f60a4ffc8c3bd98dbb2554ba6c1fe97fcfb1c8a3d4de5

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      55579b762a8e70cf1222311d8d760bef1c03a8a88b70c0bfa72ed3afe79441ebc4060db38eae8ef924377bbb69fe8e7bdff13f6522be43f0db860ef3876ff302

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      6KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      7821fa814467440c84b43e7ef96144b1

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      1947b3fd436f65311669c7765dbcfd95d6cf6f75

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      024afef7cbd316bd81c915af26bae6de6a9643566199b9e46776c1e2c7c64693

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      fbec01f5e14a19c49a9ae9f3ae9eca8eb4331df669dac2ca5b2e520018b7fbe50e9dd615c553e9957c8bb3c6d6d45ce166f84c19c65afd6b68715e28782a044d

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      17KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      02b9816fbc35fe620e157547b882564d

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      2760c736ac5ff7acc4b1926118d0fe02f7c21748

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      9f0161b195843c6a5367fb3766c588de5883802e034a09e987e26dfce04a543d

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      6b3c12878ddb3b9e39fd5374ac4c0fbbb7a01bf65464ef104b374600f7cb29a35a4d1f2043ed54052d3b9ac94465c5a8bd589e6d7ccf0683fcb13dbeaf8e18be

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      17KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      e46c23535946c226f24552a2754b1b92

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      126ab055c5557ec673df4acd133a33514dee1a7e

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      b3f5fc16e7d94e9ac1de7314f38e818d28c0383eb7df5324b35f845d01e260b7

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      f76f5a96a93510db0498efa4b8ca895c934e7f5093ab814289a395d5475c212b35f90c83f995df1e7241d251c3a7827743d8b03348017c8498cf8419749f5b59

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      7KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      200a03fc6cee4d26d44b38afcd3b6087

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      36e7f26a89d4bb3fe56b474f78f0897055109424

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      d48afdbac3267bbd1813df4edce301a846f08a74c026b2bd5384a85b04ebc725

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      46bfe788a0b29b804daa1bab1076a15db9e11cc039fe1ba45b5dd9caf33373e6317b8ec3b8ffd0e60241e930156ee89cbad5e49c0d956b9c7e26ad976485fdca

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      3KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      aaa62c58b2f1ea6356683a87d9a3ce76

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      d28f6ff06e265dc0f4d746b4efa957e82b3c349e

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      f3783e0e317b5f6b4069ff1987d7473e025dc217e22f19949042b700f780b5a3

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      93538984a06aff09f2d2521d0632c57e479604cf7ca4e177ab6a4e9696e1eec58e39800996fa97361a7744f1f8993acdad88425219056ac9c5731f160dacf899

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      4KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      353edc318674acec2d717ba684111129

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      a9ccd5346a41612841f0e892ceab569e2c51b5d4

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      4260b29e3c6b701654e6809701ffe20cc1c36ed3f6e022bc2637888a9aa1df82

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      b4a894d402dec7b3b9e9d1a26fd126fe3e807dd7055c6d23307429450128b0efda306ebc7e43b6bacf8ebd1f12f341b375ac19603de54fb9b285bd7c9ebc0595

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      5KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      065ddcca4c6afcc4443e5d1d96a8c3f6

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      446aa7f18e2748bef72539e260ce537e97b0f1b6

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      a4438b5372b132a4ee68976a7355ea0d2d59fd96353c9be6da4040c6a384dc39

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      44b28946eda7f64845a5dfdea1222f02ae1d312daf10eabca01a3c8e56483a5f3c142b214cfed340d3312b0d8788cea1b1a50e0ad0c23c29ee4e6fff6864fb10

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      5KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      af9486516391d7d33b9dc3340774cd8e

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      25d17a41ed9019a9068d461aee437fa438e47ee7

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      7cc55bf94201b0de7ea8e44c267a8ba1d249d9268b1d6e61de8c4cc6025c553d

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      3a79e8b64e3c69e026a38e8102aa866d3e71f308cba8c7e7c0084f7f5e3d8271332b0c205a6f29dc9230826538d6237fbf1efb0682658fd3808ff5e5e6734761

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      16B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      aefd77f47fb84fae5ea194496b44c67a

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      dcfbb6a5b8d05662c4858664f81693bb7f803b82

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      16B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      6752a1d65b201c13b62ea44016eb221f

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      10KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      f9b974c91b00dd9adf331d6500c20e6a

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      9c0e2f97b1d80e529bac032011a585fdfb2d63ee

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      46cfd172a497939f1c297a928788d22b4e361acbba2c701908427168c8e1dcc9

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      886f835b4f152b3247b1b4554862d1f4b4a38c779b6a9550dddfc438b2d91cd9ab1fa09b9e058c25c53cc12f4e59166ca13e55b5cac52b71f704612ee1f52dde

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      11KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      d3e782e12eff8784660d857a1eb3cfdd

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      d838ae746194432a0ade89b86ed830ea365d44b4

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      1948232b2b2cb2c7fcba1ebe606d8e0f0d5fd884a02f20f429905cca14456b86

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      dcc9a25057ff64afc96fd7040b670587f4ed74ab4e5ea12c8802f0532f7912325c8868cd1af66494bfff3a8444d09b891c7e3bc9061705a5b2dd4acbf78128dc

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      11KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      ed08539ba6d27805d767cb111d8212c5

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      b5f6669604aa970f50ac26eef5e1257de3145be9

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      de429164d8ef0a86ba2f5c8c84c8039d1408d68fe0eb47cf0c6f4bdef19bc85c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      6f8a5a0b6a4ea7362c1c95b725b28fb3d10712980964934b572717a0a7c6169657a5e2b5b61b11267308af68b81f2408b3e1131845fab3639ed828ff60bb552d

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      11KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      3811b88daeb3015e51dd21107ccc40db

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      1e54896492f6c555915edd27c732543705cfe5eb

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      f8753021434b5d454163b81febc68011e7ec02d632ef4f14cd6727a1ed1bd572

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      0cb4d901e433be780a4ff45a5769d2c4d2cc584f218e4e2255d9f20644a989e3a7c6d52737e5f0b9d030639fe40ca7c83b2fbdcf6565cc70de84dc2a244efe31

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      11KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      7da7e2377e73b8d556235146c747d390

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      0a5abda985041d63650187a68986ec2239508022

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      2c4e9f88441feeb1e5b22ca52b36758e1b26b43343daa3a10b18f8492e009c7c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      11d67ac91e53a0ff53f09f3f85ee1a50741c73c5080d72f1f16c2fdf44ce6d253bc473d62b7150e2f3b59ec7d081218791f9e3a629528f48c4b3f6878f2c11dc

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\links.txt
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      192B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      76ad332b73b32c1ce00f313107c064ae

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      4da82750c04ed68961d377078aceb0c98a2aa0e1

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      81febd37b6807bdf53500f132fd47287b7bb6f0a08aab3eb5f07275fa0bcb52a

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      e93df88392eb9278684dd11b51d631bee12b75c60cffdb63cb459eee4a013384fe88a20d56b89ad8af3115d039134a605c9c71c4bf422f03ed63002bcc96c3fa

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\nsk1DD6.tmp\StartMenu.dll
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      7KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      a4173b381625f9f12aadb4e1cdaefdb8

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      cf1680c2bc970d5675adbf5e89292a97e6724713

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      7755ff2707ca19344d489a5acec02d9e310425fa6e100d2f13025761676b875b

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      fcac79d42862da6bdd3ecad9d887a975cdff2301a8322f321be58f754a26b27077b452faa4751bbd09cd3371b4afce65255fbbb443e2c93dd2cba0ba652f4a82

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\nsk1DD6.tmp\System.dll
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      11KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      c17103ae9072a06da581dec998343fc1

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\nsk1DD6.tmp\modern-wizard.bmp
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      25KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      cbe40fd2b1ec96daedc65da172d90022

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      366c216220aa4329dff6c485fd0e9b0f4f0a7944

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\nsk1DD6.tmp\nsDialogs.dll
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      9KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      c10e04dd4ad4277d5adc951bb331c777

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      b1e30808198a3ae6d6d1cca62df8893dc2a7ad43

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\nsrCA95.tmp\LangDLL.dll
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      7KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      d02e216c527f97b5cd320770cbe03a0d

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      76a0bea3650c393341e240231cf999d11a3d8eb8

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      cda679d62e2852d900f412239e7c01a64a928db6c0cc03b8fa0c1eabdfe815c4

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      39d99ea0045e332f197f0d6430a71adaeaccd1c8e1028ad997ffa5527e5a0fe5dbdda62e02329ae1824abad43eedd64dbfb05a1e8e19010745bfe8d53e83d990

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\nsrCA95.tmp\System.dll
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      24KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      62a6f7756aabaeafe2eaa8a1b19eeb99

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      24b7ec2cf0712f03911fad6b7ccf933e0879fe5b

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      4c4d8324fc74a61ed5477b6602fecd1f404f524e6c17c6d7a0b682f8521a29d7

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      7d30a35811f4dc5e3c4714224ac2b143d17f6a1de744db230b3a74409c6705233831e340b13d468c612b9e924cf69a62a15164e601e62609c98a46cf4ec0562f

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\nsrCA95.tmp\nsDialogs.dll
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      13KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      6cac9c4cbadc065beeebe16e57279a9a

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      26bcac80ab11c56d8d9de74a85ef2314044f96ca

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      f33b3bfbb97fedfe2d77ebb894c7db5c32b8905bedab6c58248108021cf96bdb

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      854b505ca4d17127fafabc8e4d903e097b6e77d4adcb2873185333a7fac68d6e903b2e8f3ce0df639ec3c44feb3666489405ee74d49f512700ab86cec4bc9e44

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\datareporting\glean\db\data.safe.tmp
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      182B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      7d3d11283370585b060d50a12715851a

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      3a05d9b7daa2d377d95e7a5f3e8e7a8f705938e3

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      86bff840e1bec67b7c91f97f4d37e3a638c5fdc7b56aae210b01745f292347b9

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      a185a956e7105ad5a903d5d0e780df9421cf7b84ef1f83f7e9f3ab81bf683b440f23e55df4bbd52d60e89af467b5fc949bf1faa7810c523b98c7c2361fde010e

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions.json
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      27KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      d8b28ad8d2f846515aed086f6ff3343f

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      d7f6f5521abd38c150f73c77adf0157eac628bfb

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      6490a7322cfbfd8d32a9e1b48669f588f9fd1051a63a8968703ffd30890c7fc4

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      9b6044d816330e857cc8b371718bd6db59f42f6a2f9de1c422005d1c5f1a12b00b219062e761baf807ac98f408f6f20681bf3085c0b817b608a9434e2414b6ee

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs-1.js
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      5KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      cb4ea9f0004d58e674f23d5d4ba0d919

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      539c9b91dc41c590d5036f824ddd349af6fba069

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      3f84004d59c43d6cf4ccd5df3a1411ddacc4cd76ce9442d72a5f6221df8d134c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      3d7f487658f117d29a113c4bf20c2ef126654560eb254fa8fd0098fb55eee9425a089d371273a8df9d8d431443eb94f2262011018218a94d2769ed5f1bbffd5e

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs-1.js
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      5KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      292afe97cc69103cb6efdc099a3355c6

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      0ddcda7bbc2da3fdfd9fec51e28b12cf7f0e3868

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      f383dc84a7fc9c8ac8f3d9a0dd1aee02254d443db4e172fc885152328acca913

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      7fd448b74e466c2f77757c32bc4ac8b126d5a5ad9b3e41bc5f3cbcfb5a5978b4b0d3831b07f9e97fad211cf3fc977469c540a8191f0905ff7908e3a40408932e

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs-1.js
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      6KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      df8bd6a95cc6bc7e33bab2aced5d8296

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      457acac0fed66b3c166e0ca0bf7a38df50ebcfd1

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      3d0f657b40663c07ea4e614f955aaccc5e95b8c39b580e7149b07a2e5eee6980

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      340efb479a119e6f296ca2031c5007e87949dfed74c2cfbe5d3da67d42290d9e0765a65afe1ff046700fe8f3774f7d0b1cb70e1182796aa7b78cd5d6bb90200c

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs-1.js
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      6KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      a11eedb432c398b2b2e3b2ab7fee0885

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      300c4a0a4095e871b655baabf83bc43e9991dce9

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      08ac0090c5b7d1c828dec404ad2d7fa44e0ce0665736b58c60ffa0864fce486c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      7d43f80edb8e6431e195ca3e50e20c10440c412d8f2eaf924aca886b1c87f3c81185bffa64c1c0ef49bc20095861af42a21976942ff35608765886162a0150fb

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      1KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      051cb397943bc652cfb6da4c1057b0ab

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      622010ae50df2accdf7d1ce49428e7b640a31dbd

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      43c8051433500433bb1a307d8715f7b317544c697a435c9c7661f042b037b84c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      decfd7e70ab645245255e36267449fe00914193bbfd29f60544fa2b3467fa2bc5a9320144434a53350775c4b8298fe5be424ad819bb72f8587831ea002af54ac

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      112KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      0d60ab759cbdf80bb640b11a9b99e3be

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      401013ab80ddb7b57b6daa177e5dafd3a543c85a

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      c44d511a272c84676096259010bf4efddd9dae7f41821dea5eb26ff58a635f69

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      6025906f3c1bf069d08a2a8b8cc55d87c40ef99c325c7af5876d9d880d17a9e3d277d4afe165cf2fa2205193b24c2322a83b1b35dd97add1d28e982912dee714

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profiles.ini
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      103B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      5b0cb2afa381416690d2b48a5534fe41

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      5c7d290a828ca789ea3cf496e563324133d95e06

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      11dedeb495c4c00ad4ef2ecacbd58918d1c7910f572bbbc87397788bafca265c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      0e8aafd992d53b2318765052bf3fbd5f21355ae0cbda0d82558ecbb6304136f379bb869c2f9a863496c5d0c11703dbd24041af86131d32af71f276df7c5a740e

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor\cached-microdesc-consensus.tmp
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      2.6MB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      ae8ecff160c481f210e3315f73a2e037

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      aaf7dfbffa6c0601a557a3b106bc3c29db11aef5

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      60575fe02f0741713e52bb6d55c90efefb17b846eb12560c5d506cd889787140

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      e100b24e993341df87c7cae9e15fc4ad49b884c3247838a8b6d776190c244b4e3ee9bdb7e2c0bf8bf41f7825859896014f2dcdb5346b891b8b319f5b7730b562

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor\cached-microdescs.new
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      8.3MB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      b54d5c41823bb346e47ad1c3cbb41851

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      700d0f4106eb5b7cc33a23028c23cc9d5077a2f3

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      af7d23ddd2e15b5d886d4b5e00fa5bbaf5364153ae8016561763f82335531320

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      982686099fbf692e72a03dc81573fdb0da26188d1ccdd603c844cf0b6ecf0dca9c55d661211a2c46a21460fb16ce22e2b0a887c69f8a108e04d510a892463a25

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\browser\omni.ja
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      24.9MB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      2e0e8a91aa8f5b77908aa4106228038a

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      1ba47b82c05bd6b47b467a74bafdfc2faf551ae7

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      7f4ffcbf99d93db5b9c900220b7282945b489ab76a2d2731b4f9e12ba31d3b03

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      df505edf0e1336d5068352283c2da7b8026d56b6df5f03abe7d4b02406e86553e5aea5f0e070315c2fb67696c03abeaac27b2f65f752e37296ce6118cb6f50dd

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\defaults\pref\channel-prefs.js
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      429B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      3d84d108d421f30fb3c5ef2536d2a3eb

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      0f3b02737462227a9b9e471f075357c9112f0a68

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      7d9d37eff1dc4e59a6437026602f1953ef58ee46ff3d81dbb8e13b0fd0bec86b

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      76cb3d59b08b0e546034cbb4fb11d8cfbb80703430dfe6c9147612182ba01910901330db7f0f304a90474724f32fd7b9d102c351218f7a291d28b3a80b7ac1e5

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\dependentlibs.list
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      42B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      70b1d09d91bc834e84a48a259f7c1ee9

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      592ddaec59f760c0afe677ad3001f4b1a85bb3c0

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      2b157d7ff7505d10cb5c3a7de9ba14a6832d1f5bfdbfe4fff981b5db394db6ce

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      b37be03d875aa75df5a525f068ed6cf43970d38088d7d28ae100a51e2baa55c2ad5180be0beda2300406db0bdea231dde1d3394ee1c466c0230253edfe6aa6e4

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\distribution\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      932KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      251150b67c4a694555ecd4a6bdcf5993

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      92b571569aa6c265a6dcf715c04de50bacf712a4

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      b22c007534471a8fb74378e970ba79a536a44f88d81ad3852273b82a466d10c7

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      c525dde844ac84a92ee4098369a8e8c958e475cc785fe1a6c514618a59dd48a1d75ed30523ae20b044909527d0d29102fd644e5e7853568b584663c0a0221d09

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      1.8MB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      48df39f022d853929c0df59630a45ede

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      fed259e241d064c9141e2b70d075922de410e428

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      52b3be893f46a3fb2e0668a5e548a2e04501073824f59313b0f9d4265be684fd

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      7251c08a8e2375c5437060ed52ac3d57c94a9f14d08ae7c6af40a2a5a327a83470cd66dca0263910a0875fcc2acb7100ef4d3a3577034b5553636f0d551c5ee8

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\000_README.txt
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      297B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      793eae5fb25086c0e169081b6034a053

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      3c7cc102c8fcaf3dcbe48c3f8b17ec0f45dcc475

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      14e396a360e5f9c5833dc71131d0b909f7b24c902b74f31a7a3d78d5aa0fa980

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      5e949be232df14bf7bfb679986a16f4a613439f5b5e71271abbfbf74296b43c977510fd6403702139ffd77dd3369e054dbe086e0188fff4f436f3505654e1f70

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoNaskhArabic-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      225KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      27dfbbe8ee4015763e3c51d73474e94a

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      4328cdc9a3f9c6b7df0624c81afbd3459f213e40

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      b4fe7b745c5b40e5d6294a883afcb8b4264b88d331fd0b4620050441479f391e

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      42cc921fee7bad58ee1fac12eb8153b580b5d9d6ed510d5df4bd4be754ef1b017c987051385d828b70de050340f9629be7b385d0338c9db6e0f9f51543387375

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSans-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      589KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      e782457ebb0389715abdf5a9e20b3234

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      e0d9ad78d1972d056d015452ed8dee529e8bb24b

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      0e90d375cdb64f088a6a676eb560b755afa184e523fefbb9c33fdda4d7dd8461

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      3ec030fdaa18f90bd8060466276c9ec49fd9233746e603d61a4f65a9a53e97e7b3382f8f913da17c48ffefc8adcf2be25f7e1c51f16555068b8f344a4e6dd961

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansAdlam-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      91KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      ac01114123630edca1bd86dc859c65e7

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      f7e68b5f5e52814121077d40a845a90214b29d41

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      1b7b86711479fbfd060ed38abe1258246b4be2826760e6827287958218bb3f5c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      1c9ac878ba12f3de207aa9a7eb8c0239f769f9ae7475fec998e998192aa6900fe146039ac982612c6c0b7e5363355f2803d8f62e4787c0908c883ac3796e2a9b

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansBalinese-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      128KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      12764d72c2cee67144991a62e8e0d1c5

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      f61be58fea99ad23ef720fbc189673a6e3fd6a64

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      194e110cb1e3f1938def209e152a8007fe5a8b0db5b7ce46a2de6e346667e43d

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      fb670a7dbb57465d6384cd5c3a35356e94bf54ac4cb7578e67c8729ff982943b99c95b57f6059443e3e8b56d8c8d2cfc6e81ae3a1cf07306f91c3a96e4883906

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansBamum-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      224KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      f0b22427c3ddce97435c84ce50239878

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      a4a61de819c79dc743df4c5b152382f7e2e7168d

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      0282610e6923d06a4d120cff3824e829b4535a8c4c57c07e11dbe73475541084

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      ff2b22e58597d0ba19562c36f03cf83b5f327eee27f979c9ff84fe35a21b1fc9234f21fdb35fb95f933c79b9cf7760328d29b31480153da59a6576cf5f7f544e

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansBassaVah-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      7KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      778376d22591a4a98bf83ac555ddf413

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      608172ca18450b4cc61ff6cc155f66cff55c5bf9

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      8218239377452e05634a91ee8a4338daf0aa96a15673a437533a098eb9c06f53

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      e895a03374a3d3da04554cd048191722652ed4f1f7cc91639354843138ce26aea6c7f2da0ecda47eb76bcdd61a0315cc2e35e080a5953c24d82f4e94ce4aa260

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansBatak-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      21KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      9390ee64243e5335b79e33e5e8311341

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      c8d4b3ab79f6b12311eb4e4da29e709e583b5870

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      cff9f0e51e7f1d95934cac31d9ad43ba453ee308c7b46a27803dc7e2e6c3adef

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      ad7b23dab247c5c71298c5023bc58bd1d00160145558d86ab75dd37de1f1017540bac544cd9bf1cb2802d19d2973c0cf189d05a980777de886ffb552ae923bc0

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansBengali-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      198KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      7b5138efef2c02dda9cfae9917cd913f

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      b44b58f354c4a68e119df226f01ad763b2d1025c

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      9f8b4dd091f19b111d24ea18daae81bea8684cc67de17ea1acd797e144bf20ba

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      47e4cfd2218c91080fc4ccc3ac13dabe9efb7c96b981d53577177fb062973b9fad0052edcf2b0c663ff3b7a1d9e38e96586c93cb72618d64344b96e3df13204c

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansBuginese-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      7KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      bd4c30081a164037311e8712423c5bf2

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      2a13bc7987ca34644b075c1fe197ba293b4ca527

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      bc19f17d7f6e8f280c2cc95ef6d1b67fac25becfe98722f482039a4d84f3c9ba

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      2a20d113b73cbca311d08dba40dcb7f8ab9d5383f7590b61b785070f77204db9ab163557a420c6c96ede815643f82ffdf75bc59b5802284779ff237616734c66

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansBuhid-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      5KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      34699ac8824cdb6593b4dbef605dd6b2

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      22ff82e35cbb1ac9053f767f404ee351786fe0c2

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      328d80e11e7f65f9b6e4bac12de32b7ce42154301c2a14ba92155e32e05939d6

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      fe714d5d44c6c2f4f96b4349bff301a67749bcb084ade3a0270723f1fa6bd6061193c4d782cb663d63e2c32cc809f33a8114e2e0bc6915de2b04efc82b5de673

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansCanadianAboriginal-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      111KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      fc6ec655d6a00c567119522854e24172

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      b72baef2dc0aca98cf7d3458cc027f4b0622db08

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      0d188756c9c282bf31738af5373f2363cc8007bbbc8d5560fae5821ed4937611

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      0a0eb23751b5df39becbbb308b6b36e324ea6ec469d2167a795cc10fb3bc38cb7b3187a3a63566e280470b09a080c000280e3b9a01681a68f8a3f35c7a2f139a

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansChakma-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      80KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      82f2c632a76dc9922cd85630d0c97db9

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      4558e69543903a058b3d5a7b8f50a6dea8ea50f9

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      60ce1d029e35b432dd68cc9f6c94f69bd84d8c97f28f06130186606dd2c3325d

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      cbfe37179fa4bd8618eade5e5168dcfab9d784586319014692bcfc7f767187e4beee24b3afb471abdd9adde747eaf51648926ed1a790e9f8458152c283fb34e0

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansCham-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      31KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      bf95af30d1db0fdb374cf646dc81b461

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      6bf52ccaba21c23a9b461af8cfb7574bad6bee3e

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      74cbbe944f25c64f0fd2f158716a648b970e3df714f8ca2644d56f65f5eeee4e

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      52c5fc608d9e771cffc6de8ffcb953240cd445e77c4d65582dba198eec33c247891bed32de7b88c22f177e07c094716210623d1381c4cbb68fc5ad048cc24e3b

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansCherokee-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      92KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      fd393a7c5b16eba60e38b72b5fa3a2dd

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      d074eb1baea8caf869ba6aba69b9cc9b2fc4568f

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      c052352137ae8d283840a0e2991a675d47859d8fdbae5726d373d4f0d97a8c87

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      30d5c5f5069580186ded817621ad2c6eca338216680c288b249972d420f009fe94f77ef44b106355223a80ade7f9d851a6e6fe6417d2bbbb35b9f0182a1c9180

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansCoptic-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      47KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      bc7e07463581535f8cf124dbfda9bb5f

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      4d59c125be1263685c909b8f1b202194a0087e70

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      e3d5915c74797a084d8525cc5fb8da08d0c1256b7ea75f6687fee3f28d2c58df

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      ccf8477dfc771c00a5a0e3b3cc0bbce06291679f077f24858b1547de4ac21fd21805c1a1ef6ae8a0215b8b956562a349ee32a956ca5750ff8923c6c19335474a

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansDeseret-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      19KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      c0d20faa4acd8b886197e897a6ddc7d4

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      64355303ac0b639f0135bb51325b8aee780b11e4

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      9f384e8a75a059b8efcbead73ef5aa3b504ac3e9d218be5368a20b19bfccdeec

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      c7062651d7fdaae6168f65887f1a6d07b95b721efbe3d756f5a1fad58641f2b5fd1a3d732ae4225ee3228454ed1982c7258be70abb41ab9d8ed867915337192f

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansDevanagari-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      229KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      2358cc51bd1271c89f2c173e684876fa

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      7c30d7317d34ce0503bfd3b24900bd0fa4c6a69b

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      dc0eb899c5852c819bfb30482e6f2ee1e44a4c8cd28f6622a2d4561bf1e3e444

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      873696739807520826aa7c6b825701dc36786d020902eedb6ec7438d9aee71efcf1c6dbedf7bd4dea7604de73e1506f66961f7b5f5c80b7a9e71c73bb3aab264

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansElbasan-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      18KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      1c7297bc694bdb5baba7c1d39f333c63

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      4de6449e4f8d315c91109a741ced09b86c3302c9

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      6d52707e91a77e23f389f42b5da65d7047205e7833041fe0b2cd7ff280e14749

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      91ba1203c4057c930ef08470395c91b03c2618f5decb9bbedd9b37f858a29c63e537c658bcae73fc32fa7e9e11911bba6d0fc540b16e180936c8082ef00f15ca

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansEthiopic-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      367KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      de7cf6c6fa2fbc854dcf6d2e2716f1d1

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      f07c1412adb1cc2d742546a25eb66ba63ee3c840

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      f6f7fc379db9438959a2b0527e7a2cf36ea9c84626d56ec444fff37fc24c3c10

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      ee98dc59d2fe843fbcad6eb2009ef865016478ef655dd2f873b4bc45c4e67908aac4b776c5846514d3f80aa4843d1426b797f2c385e7d3ce814d7d96386049b2

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansGeorgian-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      51KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      61f5441fdfe5be8a1b933ef1ef674ec4

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      07a3c3cbd0f7d2cfef5e74e1c28d5b2ccbca35eb

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      a14c27d89ef15d7855dcf03c6524cd2d98ce7d4374dcd7643b7d07d7ba0f13a5

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      2dc8136cb7f4bb57ae2c7bab7b775c317f6f46e76eeeca93bbb0d9edcde3f35e9420601bf3d6e1043511d02d7447e2b64214a89f02f5b32e30ee347236bfcd78

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansGrantha-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      350KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      a3d0e9dded672781968f021d6f869ae5

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      98af88c343c9b761b0a0b03859fcb1ace7851a40

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      98a079a902bcd5f298cdcf59eeb21bbc8565b4f361e75faba300aac376b842cf

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      e60d5ceb0b82dcb1f58969487a3075bed673881219c082ee78e6102c4cf17122e8537c8b6e58d2f9b8097b5a1902711b743e9e4cbc455dcf3dbb4bac796d8b28

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansGujarati-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      201KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      3853291b52d0b987d15b3595bd792584

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      e7fbec665568bc358510f56c7f610c0b7cc1e9a5

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      c92e0697dc2d2cae1db5a447bd0bb8a690dfdbacbe618841b21cbfc2f483242e

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      0a44cc5cfde9b74da17f81c432f487bc1276c0ad29b01a9d61e535f690b785dec0cba7f2ed828a1b8381050714ebd6309721bdd7b80e6a1ad9b0e9e0af966581

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\fonts\NotoSansGunjalaGondi-Regular.ttf
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      68KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      0f130a6dc9daa7af30009644d0205215

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      c01f161467bb12e9d67c9799662fa64bf28c5b69

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      bdc8ed1739118d7c1be43cb5b435817fb7a5ae0acb32c89b2ddd66e7e9c2d1b3

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      cde4e0cc97cfd3d3c12e9ef837cbbc85c54c5ec72ba354a3cbe8f4ad6a1bc03690066a53bec3c15ae3ef493f419a6b110fd0770cca9ea4b007289ac176d73931

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\freebl3.dll
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      690KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      4bff42570c44d1af9d31718d1165e9e9

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      22bd9336f5a47fa322a108841a8f9ffcfd1a0788

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      b81a3fc9c56686e138427cb297d22bab3b27a6697088f0762782f66c981eb798

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      1cc932dcde4e37b149c6a0282c0d82bd696c7e9c041b57a6b518e059bd15deaca4daff45d1772ea99f81e89ae7648a95a5a7c3dcbe1eb22a19e5a85f347b62d5

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\lgpllibs.dll
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      43KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      a500c0cd26048eaf8cc92ae8d6d7808c

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      41d8b76e4dcaa288b55f4e67958297f06d8e3e19

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      2b947a58c76d2e25420b0b77c23dcb3c97577468d453768738bc3a4837acbcb6

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      146d65c4d94db2c941fdb9c0d9e0060cb05922287206dc89c66def220bcd009610bdb43e7696ff76621f807ecb45e58d89d304de1ab0c19aa826ee5d5876b7c1

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\mozglue.dll
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      1.4MB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      dc623edf731063dc825836006dcefdf9

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      846ac453e16d69fa75cc260df67b31c1aafabdfb

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      f36e7753915836440df27721789828217eecaa0f9d8d3eb0d14a05db28d55d77

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      8f0c6c038e0603ab7db63a3e1a8f0c62d291b70398e1559f85d5418ec2def039877067c63a10787faa8f680624403edc5515dd9b87eb2d9258888fc77d6ded6f

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\nss3.dll
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      2.5MB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      b44887d937a99c7f61e3dabfd3655772

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      7ad09d9029b6c50dcd5d6ee4901e7aaf2b7fe396

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      e011f0ebcd5cffbc9040a17896d02f41a0f56d2f3b6a51ec50a48d97393f88e8

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      e23fd3c56fb2544535e28e50d23cf95224e35f5e632be7265de4a3a232eae53d79ecc628c2d73fd028f5fff8d140b37fd87a017b3047a5443d5974cd02af5199

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\nssckbi.dll
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      472KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      b645b4ffc1cd57216f997c6009bd2682

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      8363aa4d4eec139cf447ffe63ea5f09a5656a577

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      50ba3748e14401e25c5306256fda4df94dd87cabc2b4719708595c7eb49c54ea

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      25a117f181e6bb18652c8e13fdd48ba086df450d40227853f2c14ba77febbcb8cddd119eed0ba598e848f7409ff21fc24629d2e2a2646fe18379b79988bae4ed

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\omni.ja
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      18.3MB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      0f840da5ccad4a9abab2249d34107d0a

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      2f6e522d8317a7fa20f973c2e21e5e4cb445813b

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      b6c49b0adc15c9c63a97d47801ba6434336781572dbd985c58cce9ab505b2715

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      33453061fd3b1fa360b0413a3f6de82449bcfc3d2bbd50e6b8a358ccffef11a583060a3c604547e8426fa2ce14894cb7cd5674d98795078499cb565bb61dbde7

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Browser\softokn3.dll
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      288KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      ad248c672a16769f43536ac65a93626b

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      b6c148374c230af9f4938427d82d9b9a734106bc

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      a66fa6697d038de866dad879e91d66fa3307b1b7d1faf46df7af8b13b8e10271

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      18df48ca3760a322b3acdc242c236c86f007b85d575e4e2ce842acd9ef2c46ee4de564f7c3ef714f8f5a96e64da4e7a2b8b5d8941e1435a7446fcb3b36ac0f92

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Desktop\Tor Browser\Tor Browser.lnk
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      829B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      60631c5d4b7573393aea426649f159cd

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      e2af3d607490d4145e60f94eeebb0255f6d5037b

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      634b09636e3c7964bc110719f4b5c22352f9acaa12f4527a20be0f48d7269789

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      d801a4fe88d3f6dd18763f3a0f7675a798aecbe2319760041dcd45b7f555c666028ec111a94e6322e17542f70e5cfc95b5e5336bbafd3679312506fafbbd3ccb

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Downloads\Unconfirmed 260339.crdownload
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      1.5MB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      f1320bd826092e99fcec85cc96a29791

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      c0fa3b83cf9f9ec5e584fbca4a0afa9a9faa13ed

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      ad12cec3a3957ff73a689e0d65a05b6328c80fd76336a1b1a6285335f8dab1ba

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      c6ba7770de0302dd90b04393a47dd7d80a0de26fab0bc11e147bf356e3e54ec69ba78e3df05f4f8718ba08ccaefbd6ea0409857973af3b6b57d271762685823a

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Downloads\Unconfirmed 849159.crdownload
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      284KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      9c5db44bcfd7085fe11f1ff774715b34

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      ddb459786363a6519435f45126c3d2b79658043d

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      8a0f3935c3739e60b58269d64d41edd7d9cad16036a885227ec42d94fb52ce4c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      a6bff9a6a87f9acb46d857ab15db18024f1c29732b3e7ed7b5a75f39a5d6b2408183dd4c327b043e8366bfc0d3f30d93ee4446c56b920aadc22644ea336fc4bb

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • memory/384-691-0x000001D728C80000-0x000001D728CEB000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      428KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/640-613-0x00000169F5E40000-0x00000169F5EAB000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      428KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/1836-609-0x0000013BF2C00000-0x0000013BF2C6B000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      428KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/2180-562-0x000001921B600000-0x000001921B66B000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      428KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/2180-370-0x00007FFB792D0000-0x00007FFB792D1000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      4KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/2180-369-0x00007FFB7A9A0000-0x00007FFB7A9A1000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      4KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/2200-612-0x0000016AA3D40000-0x0000016AA3DAB000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      428KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/3396-610-0x000002745A360000-0x000002745A3CB000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      428KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/3504-660-0x000002280DC00000-0x000002280DC6B000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      428KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/4828-611-0x00000161FE400000-0x00000161FE46B000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      428KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/4856-588-0x000002F1D4F10000-0x000002F1D5080000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      1.4MB

                                                                                                                                                                                      Download