hxxps://www[.]youtube[.]com/watch?v=XuNqMOGENZk

Analysis

max time kernel
1680s
max time network
1685s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
14/08/2024, 14:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/watch?v=XuNqMOGENZk

Score

6^/10

discovery execution

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 1 IoCs

Web Service

T1102

flow	ioc
158	camo.githubusercontent.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-945322488-2060912225-3527527000-1000_Classes\Local Settings	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-945322488-2060912225-3527527000-1000_Classes\Local Settings	OpenWith.exe

Suspicious behavior: EnumeratesProcesses 20 IoCs

pid	Process
1468	msedge.exe
1468	msedge.exe
1236	msedge.exe
1236	msedge.exe
1616	identity_helper.exe
1616	identity_helper.exe
3308	msedge.exe
3308	msedge.exe
3308	msedge.exe
3308	msedge.exe
872	msedge.exe
872	msedge.exe
4964	msedge.exe
4964	msedge.exe
432	msedge.exe
432	msedge.exe
3356	msedge.exe
3356	msedge.exe
1696	msedge.exe
1696	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 18 IoCs

pid	Process
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	3884	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3884	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe
1236	msedge.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4700	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1236 wrote to memory of 1336	1236	msedge.exe	85
PID 1236 wrote to memory of 1336	1236	msedge.exe	85
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 4244	1236	msedge.exe	86
PID 1236 wrote to memory of 1468	1236	msedge.exe	87
PID 1236 wrote to memory of 1468	1236	msedge.exe	87
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88
PID 1236 wrote to memory of 640	1236	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=XuNqMOGENZk
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa3f7f46f8,0x7ffa3f7f4708,0x7ffa3f7f4718
  2⤵
  PID:1336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
  2⤵
  PID:4244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2648 /prefetch:8
  2⤵
  PID:640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1
  2⤵
  PID:1712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4632 /prefetch:1
  2⤵
  PID:4944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
  2⤵
  PID:772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5304 /prefetch:8
  2⤵
  PID:2628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1
  2⤵
  PID:488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
  2⤵
  PID:4228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4204 /prefetch:1
  2⤵
  PID:580
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4740 /prefetch:8
  2⤵
  PID:4440
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4740 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
  2⤵
  PID:1272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
  2⤵
  PID:2608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4760 /prefetch:8
  2⤵
  PID:4564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3464 /prefetch:1
  2⤵
  PID:2568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
  2⤵
  PID:1496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
  2⤵
  PID:5092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3108 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5764 /prefetch:8
  2⤵
  PID:1968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6280 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6616 /prefetch:1
  2⤵
  PID:2156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6624 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1124 /prefetch:1
  2⤵
  PID:2192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3748 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1744 /prefetch:1
  2⤵
  PID:1872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5748 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1
  2⤵
  PID:4504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,17116748880957012484,1299833744995831666,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5636 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1696

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:60

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2800

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1352

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3fc 0x3f4
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3884

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4216

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4700

C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\Temp1_DiscordNuker-main.zip\DiscordNuker-main\nuke.js"
1⤵
PID:3444

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\Temp1_multidiscordtool-main.zip\multidiscordtool-main\module.bat" "
1⤵
PID:1008

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\Temp1_multidiscordtool-main.zip\multidiscordtool-main\start.bat" "
1⤵
PID:4416

C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\Temp1_multidiscordtool-main.zip\multidiscordtool-main\tools\server-nuker.js"
1⤵
PID:3444

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\338ff10b-923e-4d10-be6d-3c8061e4abf3.tmp

Filesize
11KB

MD5
ee9aa87c1cb427f18217d748b5b1c6ae

SHA1
a3e14662ee1a99a945c5d6eb2b493fc58ab71181

SHA256
6c443c2a5593540e1e4f274d587c91f1288f5cc25d00cc222e69d3aa75f11795

SHA512
267f17143787f67e4ebb49671f70eac780598d48cb7c96602731512c1f78d8cabec593f0519d72f4648ffff5965a4e1d7ad937c20158b30433ecec39ca76603f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9b008261dda31857d68792b46af6dd6d

SHA1
e82dc88e2d1da2df7cb19d79a0346b9bb90d52b3

SHA256
9ac598d4f8170f7e475d84103aead9e3c23d5f2d292741a7f56a17bde8b6f7da

SHA512
78853091403a06beeec4998e2e3a4342111895ffd485f7f7cd367741a4883f7a25864cba00a6c86f27dc0c9ce9d04f08011ecc40c8ae9383d33274739ac39f10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0446fcdd21b016db1f468971fb82a488

SHA1
726b91562bb75f80981f381e3c69d7d832c87c9d

SHA256
62c5dc18b25e758f3508582a7c58bb46b734a774d97fc0e8a20614235caa8222

SHA512
1df7c085042266959f1fe0aedc5f6d40ceba485b54159f51f0c38f17bb250b79ea941b735e1b6faf219f23fe8ab65ac4557f545519d52d5416b89ad0f9047a31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
37KB

MD5
a2ade5db01e80467e87b512193e46838

SHA1
40b35ee60d5d0388a097f53a1d39261e4e94616d

SHA256
154a7cfc19fb8827601d1f8eda3788b74e2018c96779884b13da73f6b1853a15

SHA512
1c728558e68ed5c0a7d19d8f264ad3e3c83b173b3e3cd5f53f5f3b216ed243a16944dbe6b2159cfe40ee4a3813ca95a834f162073a296b72bbdedc15546be8f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
37KB

MD5
93acf02790e375a1148c9490557b3a1d

SHA1
78a367c8a8b672dd66a19eb823631e8990f78b48

SHA256
4f2513f353c2cdd3177e3890f216ea666e4eb99477a56a97ff490f69a9833423

SHA512
e6354f4e4d35e9b936a7ddaebdd6527c37e6248c3f2d450c428903a32d77439cab78020a45834379cf814a79149c3dddf4e1280b9d06a7f972e5f8e61c463d6e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
21KB

MD5
7715176f600ed5d40eaa0ca90f7c5cd7

SHA1
00fdb1d5b1421ea03d2d33542a4eaf7ac543d3d0

SHA256
154632629a0698587e95c608e6ed5f232e2ba1a33d7c07fea862a25293a9926e

SHA512
799cfee1969b6137813c98b83b90052c04527b273156f577841b64828c07c4e6a3913a6ddd49ae5021ed54a367ddbc5ab2193226960b0ffe9a618c663c8d8a1c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

Filesize
23KB

MD5
bc715e42e60059c3ea36cd32bfb6ebc9

SHA1
b8961b23c29b9769100116ba0da44f13a24a3dd4

SHA256
110ccd760150c6ac29c987ee2b8f7c56772036f6fe74ff2fb56c094849912745

SHA512
5c0edd336a6d892f0163aa183e5482313dd86f9f5b2d624b3c4529692d70720f4823808f10ee7870fd9368b24de752b343570419fd244c33ad2d9cc86007bedc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

Filesize
24KB

MD5
8cd3c6d8cf9e5a9655bf5624dd0bcdad

SHA1
09c3fa22560c7f4559a343847fcf2b629e35513b

SHA256
bda6f5004cf18a54fd3e447b0fc82565303616c8b1d7e0094a96af72691a0b3e

SHA512
925e3849c68315ecbfe3d7b0fe6b4320dfadc0defd2e56063216b36fdfa0930b40be2d948233037b0c672c5708dd612fa7a3b8189e276d2f8faaccc4d9586d2a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\499970c64aac6bd9_0

Filesize
1KB

MD5
ddb734d7e8b8e853b26b701fded6a3ac

SHA1
2bfea9bfa75cab395ef3fa2ccae23d5afb5bd5a2

SHA256
888b997e6267376aa2dcc245f7cd4bb746aee924c9abe9b5f794201f7da8a480

SHA512
48619590687ec36f6dc39859433066ce1ed7c55d70781482bb13a22410df67dc410d9dc5f922a3162c309ee068de6dce5cf5cbe7df80d378af585a3f5b523d09

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5096bd761e7a735a_0

Filesize
1KB

MD5
d31f9b570dbd9c1830d7c83f62aab3c5

SHA1
6a553bd7487d88f1f10eef87e135d230ad9e3e55

SHA256
c076b7204e6839452a31b27511bf4bb4c1dc0921d320f680d876b5cb6ab85b93

SHA512
af83afaf1e21151b5910c6b82c925523158f6e6e8995c02d1cd9d3aae5cb38f0c50618ee7a0fa6d36348d299377b3c9438d7ddcb1d174c61f9e63cd8743d21ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\50caabce6b6e99be_0

Filesize
3KB

MD5
342b81f7e96de8446b7c66d691ef22e5

SHA1
100cabcc351ea01a2c6a95a93864cef040356fae

SHA256
d7db2aaf7f9e11fe54c39a018de5186d0f68ba09096cfbf910928fda3dbc2d4e

SHA512
dafe67421b49a38fc7d8fd9a112742b43302f951689de62922ced086c3b72ac0d9426455004d793c9e96d2f8511c2ab6cd141b22ed1c9c86cbff2d3d51d22268

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6b9f09f12238ba0d_0

Filesize
2KB

MD5
52ca1f6f53a9d0acf56251649d0a35fb

SHA1
306a9e200a2ca15aafa86097b6915c9b597ec9fc

SHA256
f044aa6726bb2f4dee1bcd04dfa3c4c44c1a70bbbeed4027e59831919a024f50

SHA512
7596ed42d0b7628414b6acbf5be211cfb16fb6540294481d1eb6e0902ddc9b565a41e60ac5f8dfd0d0b5659006b6a492bed96aa5d6ca792c7c5d21a09add6bc3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6ddfad15b4cd52c1_0

Filesize
3KB

MD5
7dc59a51638c668ad7c5385e3d5b905f

SHA1
6ea014059e6b1050bfb7abb7ff4dd3b254b257c7

SHA256
5a65d9b3673619fedda2dcb21a88d4715c92aea6ded7f73e134663ea054f4911

SHA512
cbff7b106943c9906d09ca83c16765009de133ccabca2ade9056cf6fe1f1209d6ab7ff11ab1bacaa70c204fbbd7c67f509c5f5eca21aaf28440b5d2a1442760a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ba79fbe352be6476_0

Filesize
1KB

MD5
e1d127abb01d104febc2b81929d43d74

SHA1
889285f7fcbebd9f62f3fa88f3665fafb603deb0

SHA256
cc5f5197ae86c33eaa569f6ddadba3de574cb26b92ac40b7f29285bc6441e971

SHA512
3cfaf52f51c9fbd4c4928943a4aab2ea9761f052fba9ff8c53708a02d9652d6009db7f383273cb411cb71faa9150f144d86924381ebdf4186e96bf8265b28281

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fda2b6f73e6fef7b_0

Filesize
4KB

MD5
40355be41d8722373ea7d9cf4e151301

SHA1
83f604863f117b014d100a776978bd5145718657

SHA256
3579491d69f72db9cdc823ee790944274a31f6577c78021343a0053a245e408b

SHA512
b4bf5f920cc0a41300c0f27a0fc77f2f709ce1de9911d178af76ea2d327ced99eeb2c326fb53c310ef799cfcc2c7c1aa8e63be9d4a8ffb1e2700cb3e577495fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fec3aa76cbaf1f7c_0

Filesize
4KB

MD5
22690d2f99d6814434141d8ec1c19615

SHA1
1d45347ce3656d7135b368e9a79e25b4e798df6b

SHA256
892fb282f1c08c7416a77503792e5449c292c1a29b5692bae896c0da26d926bc

SHA512
4b9b2f834f0948a151b8a8057d9c7e378c5eac87f5dcb888712db0ca5ab7b6885b927be439502803b55f214a00d98d14a613c5c0bdc885cd122120b659d1c354

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
b6c09ebd5bce3e969725e70878082750

SHA1
2149216bfe6d2651584147e2fa811c9cc47a16fe

SHA256
f87d83232f9b2ea58b02dc4bba7432019d590e5815efa55903b1d04a047696f3

SHA512
c4f13b28478007e35802bace98b8324963f478e35ecb1f688a440e25d056299877834b45761531c948f509db0a19c0c8a278d9500a8ece879ec2fff82e0a7f6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
66e5383d7de89f0afbd72928be312198

SHA1
01d92ddad185e53358976f17bb8eb48d9df8479b

SHA256
fae9750ebe56a976be1ce009da3cbff05a5e43545abdd4fc85f9362c57560643

SHA512
26e40f3faba9b431e216ef1cab5195a28164c80c0adc3006b7a5f5c9b49ef876ebb160c40a157533251e119de567b0111ecadd8c4e56ff0d1199969055525438

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
6d8834754b7ce52866fec131b37e9f3d

SHA1
b178d1f282e7fb109ad6604e6e50e5e8c6942942

SHA256
78de1e41d5d3d577c96f002f314ef231d9bf8bb6b037020b502d3f0cf5d9b387

SHA512
78085ecdbed90125b02b0443d6c41e3303a2dd6fec617745258ad6b6ceb63f907d465f02676cdba0703fe00d8837d1ba0c03a89efb6fe1c3e02cb7db9446f22a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
e4b58f5ea124f0cc304f69c9986a06c2

SHA1
bb02eb5c53c8804a4cf2708471908f142c9998b6

SHA256
47ab15320c6b2e72e022e09d552349e1322bc913575d585d7d3cc6868f6163e3

SHA512
f90adbc507927d05879371f2bc1d9906be231932f335083c47378fb13c7da429488f246a3a3322f54d870c4d5dc7c5ea9c2705bc84a714ab88685d440f2dfd2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
7243ca5ff004e7bc295812946d526bc3

SHA1
3b4f19560cdc65327cf4f092204da5e32a1f92a4

SHA256
a9ba3b0e31b817d499520f5cff0670c2c5f604654c160c7c828728a4dd6a0a53

SHA512
438b4c3ba64d7242a6b53ce390eeee9ff3de6060d08669d2dae2d2612dc03e2f2a48187fe14029d986c30127de78babc00ff0309db003e34b85b932346ea54dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
75674c8d768436735ffbe657e804aa51

SHA1
17357cadcb9aaaec646430f99b6e974b86fbd264

SHA256
923f38f08a9686ff38be610aa16aa0c088a173ea05beb5ab49174828121a53e1

SHA512
160c670468467292f0c7b17c133dbb453fdef21a84b71458cb1e97fc567f72acf5f359635952ac5e874545c65dcfa1ef9be1155f3da09d07acde7eda5e977152

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
6733c57536e543c52d185da95fc173ce

SHA1
abe92937ff703eeaafd9c13364a509834fbf0bed

SHA256
dce4c958a11f631d1915ec8c4cb08b4d35d732ac10f32068940fe3789be4518b

SHA512
a8c97f453bd7785d4e9c3d870dfacf5ae6cc5c0a37bf30a641761ce7a80312da6260609f6c08fd91c2d8d21ea606b0d8f732ba39ead9afbee938480ae3f0cb13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
3f8f7828d5f4134c4a621999191c7580

SHA1
7a5b98a8d536e6c444a73ec9de2af22578a8c1e4

SHA256
877c24efae854b3669ccadb8c58ab41262d25caac3b296c4aed640dfe8e8f830

SHA512
aa8c81c3fc18182e7a9565599cc59d7370e085f975a53ef0faafb4e1becff70769bef4f7b7a2f67c364a8395dc50ae25ccd64e9a925aa37815fd396de26b5b34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
4ea15af241832149ba2b5b2ba8d1d0db

SHA1
da8dd800ac7586c9f44d046cd6f4e9c97cf8d899

SHA256
f8fca17b176cc05fc0c10efb503a9e4e5c98ea0a2548b7b6e1d39c8e15f07d3f

SHA512
4f9ed29e18626ddcb15dd50044ca15de5b80fe366782595fed1a273446d4c65a6571dc479fb81012820470cbed98f01526a304555c70dedb4b21083f359c3fe6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
bb49c162835a94bd4edd0ed7d50059fc

SHA1
87ba8c17089bae42d1e490c93b32755f0b1c3a75

SHA256
d843352fcbb5fa4b33b7a3412968f3629e49f98818198a30b9c493f43b47512b

SHA512
a0380874e37b25941e58ead065ca2148529a5818b106c2fb16938781bf080699bc0eef3f10f07c319ace98dd08413abd7fdfc04f14324d258ad2e05475dd66b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
3677eab0146cc77eaf31de2a4533e7ea

SHA1
5b59344ac476ad31f061f6ce1d2be549a605d347

SHA256
6956c30486e6c30bad62ee22d4fe9302e4801d51a529748e3d5b6688017941bd

SHA512
783b2bc7c306293b7cfe8f1f3ad0632bbad074e314eb4ed36f09cbcb6831d12ab0780c7543efe3169a8735151a0381defe92d91308e260ef637b86653d3114df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
2c73556911497419a6e012c2f1b2ba74

SHA1
c3a0269fbc29e0c2a5224a886d3213e513ef1d5a

SHA256
b82e69a4fd55183032fc543ca7e37ce39bf83294975bba43ea4e9840b7e09134

SHA512
393d2ae1b25c9d7629a95b5c6559ec31f598a37f563791ecb7875e2f7701c650ac0be4f4bf7da1bfdb7afda2da529245bb5f75a02e11b81abd9eb3c31ae92c22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
de2bdf24c87ba8e55b3c02022b78d749

SHA1
00476067fc2ba0610bb83ad0a494e397dbf5c465

SHA256
88b87da231b2a8b46d0dda19348602944a53b510df497e8e6c0a1eae84011f7c

SHA512
cc1195edff0696a92a47fe366fcaa6947881c28e65ab76d5b8a573fba6885a5243dd076cdf2c539f22dcd84a9afadfa9576d5b384a1847f489a0a99d1d78b381

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
b19e2f3ee9300917649c8893c2b68780

SHA1
d21ed09f299cf730536286ce424870c12396d758

SHA256
2203a6d3c1ee7a9a6041b24f64c76135fafb3b68fd93364a9b35de86fc274ef6

SHA512
a59de14c3550e48f1ba20c2f40d2f4e3fe42de0249a62efa170947caa80bc7219c9c67a4e82b9e58553149b67859fa5dda8823e1747a322b7174cdbe08d8e806

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e9844da7de3364ef679aae0d88feffb4

SHA1
f278f61d461daf4b83dd7ccf40b4dcddca85cd9c

SHA256
46d780932d66af4981838c42ee8870b6b5f02a8e5c9f1f5367034d83b12356f5

SHA512
a9e035d87560ee67282656e8da4f5f9743818675151f90677a0e9d4695a3f9ae39e540e46cd6195b8ef5a5f3ea2c35c5778cfbf0fc6c1aee8645c129d94c32b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
4550639689dddfaf11f19f7fbd81c779

SHA1
eb18712eed7344ede764727a1a621194ec2f5224

SHA256
34eb992f54788f59e6de0cc671c5a7245b6e9a1e654c5d0155bd78110a5304c9

SHA512
b04db616b1c17fa74df52957aa8fe8df92efdd15e33c1496bc3396ff21c232509eb7b9728ac2375b55c86daedea038ae61728928c2c68ddcc018cf73d27fdf3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
7d2963be008b0d4976108106c57ff10e

SHA1
a090e5b4a3fde0322246f62ecbbfa3835dd85abc

SHA256
db95d5cb2ce4b3704463b9bc3130c5054cfff9788e44829908fef11a2d0b008a

SHA512
81026193229b0e2c0492289bf436e60871d6d78f4494dc4ea106db828dabd1b898f34a2406ae0be7a04c64a9d9009e661e2c03426141afd67666f71ec95f88e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
7b8a196a4669850cea2483dc67f914d5

SHA1
48d14cb4900cb2f3146a5920f0c777f3f2ef4317

SHA256
0bfd69efdccd3dbda42e08907762679b8ce68e98a3fcbe55c9a778c37dead2f9

SHA512
8e8841fe3d3622a625d8339de152c083149662e23a722c8f6156a064e6a168842f1db2319746992955c2f49f7f9d68e3885e5c8a6afcda7a27941aa940b31706

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
13185c2590fa3295904dfd6bb67ce335

SHA1
0418b6f57e650dc6859b7e0872703c1d79e126ba

SHA256
3b3e5a46bed97b2ab5a68eca3d96f5e41b00767e7753eb9ab15357682bf44510

SHA512
cbf9b00e51bcc039677e105bf33c6a6fffb0e96dcb1b94a72a4408ef77a18b38b84086c2ec8f67cb4ef667e21df4c783fbae90ce6b2c7f738bd0acadbb28c9aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d41817934a83752eb5be7e8411a48f13

SHA1
ebbae6e81d0e0c80a927f3ac30ffefe5f33e2bbf

SHA256
79524f404e0eb9615990780759c3b381bbf0c2f0a8019da9bbb080fc21f657b9

SHA512
b9a7a3ec43616ce3185cce1f49e4ef9ad16e6ed4a2dc25d08296b18e4db106b8d1552e047bf69efaa62da192bbcd8a59b305252c87d82e86a5854f354eaa78ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
f9383c0db2ad0905faf7a08ac4c4e53e

SHA1
ee2d94d0d84cd7e3e9413a807e1013dc6084a6d0

SHA256
da0f1b568b84a35b7fa41c450fcc0e785a536a346459077e452057e7442f3449

SHA512
caea55f03652048bb2396907f7dcd2725f6682b6a689121348ce18507435b26f18112d279bb3ee5e868635cc73a7c138110a9e1d386fb055a36bb9438beb4b0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
146B

MD5
a125cf4304dbc699d3eb8967853ba4b8

SHA1
52cc730b834e30825c11378bec6d546daf800a82

SHA256
293d76d28a77cc7ed560d28f9b2f96eec6e3136a1168c81149b5589c910d8d77

SHA512
d4e40c66bc0b2bdccb523be426397e20418af9ca3cbc5547aefc67e553f9a89ea64d363fc7897380819122606ba1348a6d752c11b58a9f1e460b289a182e6f84

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
82B

MD5
4824ffff1c64d0b8280e0d10c43aa6b1

SHA1
5bbb1bfde9a70d05cb95cb38a37a541f889e02be

SHA256
cacc2cfe6dbdf932df4c95a8b0e0cbaed348125db83871a5efe1d1ae0727b9dc

SHA512
a8131114dd427190f059aab524e05bef29e9a771253df4539f15bc1a0f29c94e35684eddaf2089766d979a886be601929e4a3bf45b5395ba607d6ef7b3d159d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57d66a.TMP

Filesize
89B

MD5
99e8e13005a47a5b6f1e48cbb3021a79

SHA1
d5f35e88742dbb0ccfeb2e355b6b9f132afbb5e6

SHA256
de7b6b2408183635d7132380a1ed2d372fd5c14601a7855019d99d5d86170724

SHA512
655a031c7b5dca81c57d205f93b17d29e49922dd073227fba4d2f868b1a7f66b0dd7687cd4d97eafabcc337e98a0808fe44be3c1310c5a0e6e1bbd968120c684

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
48B

MD5
e51f1a2f61547cebc7ec19b9de083c2e

SHA1
02a052f5c9d945b58bf04b8dc57d3c08cfa9e64d

SHA256
4d2b6bcd6cbb7020817467e0f75363b307bd3dbb8ab6435dd48e24c69d518714

SHA512
8b1946b62b621df4c50b9ad904a03e9515911aef47d20e4fb5b40983bfd7164358c06fa879492feb27cd9f0d3965decf3878fc9d78c8b197f51aa265168de29c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5835d0.TMP

Filesize
48B

MD5
26c3f5e458cd80b879cc28b17f8a2a24

SHA1
64e636169914516adcab268e648cca4afeb7ce3f

SHA256
132b6c7333cbb89a0108b6b3a3b4ef5f483e1165498410dd6928ba2fc7177579

SHA512
09a9119b80e8c96145540fbf83c91ae88acfc1a39bb4af7541074513ce3bef1771304fd591eb837ce633590e3f675e8f31fe96e2fb1e3321b28e66179e871baa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5f5667352802e80ed9801553c7456d5b

SHA1
0e624a2edb924d7154d2e8c5f8ce9505872e05e6

SHA256
6026b7a44f2436956fdd5af8944a38abd555c28e379a664db7ea4fae9142484a

SHA512
894851779e683044d9e9c6f5b004e3edbe7ae358d79e60c4c089137d886a47772f976a50336ce7483f42d1a2f57b8552458871f293efe6aacb358a42d9b23476

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
1fb5033e4b2359d2a9274815f0de1c1c

SHA1
492a406445daf8949cc6525fd1e72dd9e293fc9b

SHA256
0e8d62c6c0eb8d4a68cad486b17c1560c49649e7ed6b0836c269cde7388fff17

SHA512
2a26652dc8fac2a04016612780c305978f7821364965572b0fd6f25215526b4d7399a924b24c369933a682469c755c86e1f599b683c46cd83a577b7c01e1d96f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
af17ebe1fec188482b703cd4b0847134

SHA1
d7033279686e48eb1e178b45eaca05e09123ebb6

SHA256
6943f129c96eabfa8a933a6f04d8fbf7fd91a9424d81c04d4fe864005a5ae551

SHA512
58cc27558afc9671909c64a8dc8859380a261d78069b75408ee555dd906979ec24bdfbd2b51e2b805caadbb3b55dfe5cf88b1e6ddf47a23f5b89d82202570eed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
2f90c27e37f057460be3c1dd98db5732

SHA1
254dbc503154d63431b926653a3275b46ae2e218

SHA256
abb5df189081d827af6b33d1a8b6df2abf29b11bde02dbee3ead0d90a98558e7

SHA512
9d9e2eea3456f5f74f051077092a36344f0ef63c3bfdd39095e27c893de78e6f80c215111baa79739c93125c442544e97cb87e2835dcf99266448315e437d4a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
c57ea0aceeba65c84431298561a4788a

SHA1
0e1ac5ffc7bc5cb6039964ac5fa1634a1e84428b

SHA256
f4ca6284752d935ca2f3913ddc196df1d949775ec35df73ce97a9629124241b7

SHA512
dffae1c1c41238da8907efe5dc747c580a60f7507785b3bfded9dab5666b86214d9c9166b308112ddc5853a8cf2b9cadeb2a90004bcc28a54b6ed034348cb327

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
87914e08658a73db5eed88c66a781075

SHA1
ab24f3689497a25a52519ee9be18537af76eb73c

SHA256
cf755ff2c22efb36915a5c1c177d93b6709d77976752d3388d711408fedeafbe

SHA512
3f96a0e2bc08ab9912c1a61764d1148a769b187bc5f467cf73b064b03f5bcd26bda79c6c79d3953f9d9416e535ba4b24720865c077f35908bdb60fc86037e82c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e33d4a4891888a00066f77544b774bad

SHA1
b9458e0b151b65607b95b0c1f8121ac5b06ad197

SHA256
37478c8070520b61f6392902e1fd6dc3060873746cea3293d4ecf2ce7ed184f8

SHA512
28e9a76c6b05c5f57323abc3c76d3d531fb58233918a3ad0eee5c58fea2d93a94c086aa5b95b6ad624aafc8468c61fe1f10065bef56478b7a87f9e93e96ffcdf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
a10e03f63b2fd944eb728802dd8466bd

SHA1
02c38eeff30cd5ce39f1fd906cb712a3d103cd19

SHA256
82b246c208e3cb7e7a6905d744cee01a9daed2cd60ce7103ffab94b3ad10ed11

SHA512
c6fd896562eed4d3c662be07aa4bd25eb444fb322ca88941680b6f4bd82a7ebf4329fb7ebfc3d366c1c903d977e44bf86baabf3c040e31bd96dbe3ab08ce6e75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
aeb9f5eb8f5524568cb5475f14abaa06

SHA1
00dc3c257c14f3c4207d549280e3be0cb8d8c4ba

SHA256
e7c704d3290b60df51c588c21416133c63d9c08136d75f5a89bb26d615b71520

SHA512
3a96f28bbdfdebe774880df16c9427125eeeff0ae011328b86d06a7e40b21f7f05900692998cf8cf790413cacb32df110a10709db245c3fe4611a510b7631999

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
8df8716daaeb130ab03f3dd084c1cb15

SHA1
ffa69f4225a52195531bedb4e5b4783daa6cae7d

SHA256
1268a8417f06d49a436ae720bf7246bca5b0a8cc0102026288a2e266d3299c77

SHA512
25629f921fae7bf1f6b66ce944657a70543cdf5cfe65ae9e6385c66d5e40c8d226545b8aa7cd265d453265c02e51f197159876ada8968c921f97d267bc51fb41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
28f166b1de64255bd353385a94d71136

SHA1
0b2b5131e29a635a64cffb8b621e75d5bee27c1b

SHA256
092b9defa6371fd3ecd134136951486e5dadf7f42ee049ad9007b45b3f6dd17d

SHA512
94b1e60dca6c89d003f4e06a2e0022df6f420a1580dbf80d1fac7b05cf345dfc80943e10c4134b8f4e2e71b804bcb3a391ffba28248a3aaea97ea0fd2a88e596

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e1a550d2ae062d257660366dbaa57279

SHA1
5a51245ea534dd6ee5eb98cd3c7c0c840c81ec08

SHA256
1a0e76a0df812439282037d17a08cc7c1b75422dc2619b96c6e371ac380bdbcb

SHA512
a00803bfe66ec9f51cc3b26a129d0ee05f71f212a9bacd6608c9d16c5770b94d97cf17fbbbb82ee907f2d6feedb750f1a45daa79c1112d673e8fb29c8abdc426

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
9dc3497297222796d4c7b34de111a6b2

SHA1
87e4095d91b282d2c56547d86deab9dfc148d8ab

SHA256
7974384bb55aa206d283a8c3b7c5045a2fa1db47b13430c9e6331493852b323e

SHA512
3a843b85b76f31fc75d433ca05e138f65ff5f64852642bc259de7d2e1c48610942bcb9c0570e2d64fc70452217b7154c160b16969398a69893de6215ab07fde3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
6d72b04a5f1ea9e806e73a632154d8fe

SHA1
5c2417e72c64c69ae4e69f870bbef599b20d2836

SHA256
9aa2f2e1727915c6fc986ed911f932b5513e91394b0eb1076cfa3ea6f5da9bb5

SHA512
a77d4e623d080f8516c57714e467c26c82ecec35c5500835bb7022c7afb2cfd90c6b395dde4acdcc70436415156eb834c4f82df8c6fac550b8ded6f0caac9590

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
63b33cdb55984a3037736eed5db294a1

SHA1
67058d88c7d4d71c0595b6b3d8aade24b0b03504

SHA256
973b70b6738505ed2ef99e61305eb9a107a30b76cf2361b443ec52d40317b439

SHA512
e58c3cc220390908427f3c6d5357c219142cf6b6de7ff252f7d1c29cf81f79907e8ef20132b04fbbd40c88f9114ff40ed27227492d12c14c827ba0048b8f86a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
1f04382601e4cb9c54dbb8e649b93ae2

SHA1
f7443c40a63a714343c916dca777dad320f42513

SHA256
24178f26a5768eb2d7646232e6ef44a4990ca844851f1de54eb6c5ed4ccb3afa

SHA512
99392482c0add86537138c8530a61b43f457990263227c3bfe6dc29a0c04290f1263e0d0b58bdcec0431d00da066c1991c9054b5caf9cc08ed1d0f9471e0d35c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
1fc658ac808ced3939ecd5e75e8ab567

SHA1
6643b068d5cadeff0a5a735c3af21377caaa32eb

SHA256
03bd974cdcc9c7bda7738c40f1a8349992dc83ef66cfd9d03ad8e64b946d9158

SHA512
5a4eefa4cb906ab2b8aff6070cd1876ce25d6b87a20a94b33d25937af54fd97d5050e62a7706e6e32de506d5de8e6039aa777edcd148d7025df0461b156916b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
12874e3d1d26a7a52f45e0f794c9138a

SHA1
2d0a071574b11b2bada753f07bfb801b1e85c045

SHA256
1f359d9238b964f6fede7a4187ff224e941cee5ef758dfc6c34238d240f278eb

SHA512
8c2dee9649783d3c9a974ded230a01cc7d8c7daf7800e41ef82e74b639d077b9b5e54ec103ef5350f28c0a76d41e8e78f5a967d1baa485e3b5f98a73c5e1a8cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5198eead8d373ff56c77d8d44c88e01d

SHA1
6e7bfeb0a037e76cc3357e3ede0e8151369a3248

SHA256
e1185648043a9da328bc22abfa28507291d737dd7de9d8e6e4ad1339cdc87039

SHA512
8e9a46cb5827d06193e232ca77b7f79687952ae665a17a2074c5425f3bf7da0c2f53554dd9c755bc2a3d0702bc1f2b3cb01d86bb2c0a25c45eb7224fbdfea72a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
4a7c48a4579ecde622fbd66c281c9091

SHA1
22ac61239ac0ca1154a6291be63de2c18492d593

SHA256
0836f95a3a2792eb1f4012b947aeb3962f3666b2a402bf6882a5fb183b2bb681

SHA512
d0ca95520f0d932d676cc733fd099003d608197c587b33b06e8afb07553dee56ab8b94675b3e43e169dbc1c9362808efd50abb2b08f4e1c1d7fe5cc8639b315e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
831b3a5a68650f8a9a10c9e642b184cf

SHA1
829f026c6330822fffe0fe94e5b3504a88a53f3c

SHA256
a9cf59fdbf04daa24e188c9d7631538de84327e2a0979637b6cd938d07241705

SHA512
ff4df5a29811d5f9251a4d0626e33ea556d2f5a9c5567ac654da2e661a9440ed36905f7853045b02f4ca7cf64c886166e305fa862c54e479b2bb3d9545690535

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
777f970cbbaa8a7b7d329bb8503aeb92

SHA1
83b77127d007942c5a291cb6507c3b4153415044

SHA256
c857f16d7dc9699b80b4e53ad6131e172cc6b559116b4fb4c5e4f4c2da03927c

SHA512
58669ecb2299c841948975be2320ac9806a1792abea659ae15356b4fc3cb429920fd215fedc583764536bad948f7963b2abea88d31b2f213832fb1032bc9694a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
cd72090b448fb17fc3e5b4414dd9b05f

SHA1
97f77fd1a957efbda5e08b286c27b992ba1c2ce5

SHA256
832d6e173cd608b46da6af771d4fbf6542ebfe53a92b145cc98f01009c251464

SHA512
95ebe81553214a4a7ac310d7268f2b7452c27d82d1c2284308cf268870f1b61dd3ba249753b3d491723fdc1d155e6d517b31d84da08dd4e30ee45958ad32d6c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
954e13c93319a6511e047915cf01769b

SHA1
a950e87d36e561e5888260614f1952608b93873c

SHA256
d272ebb1ee903e2acf0204b84193165493b78fd1c69552e9b30d848a73411d90

SHA512
9a47b8a6098dad779e77c248feaabb05ec8aabcad96bc929fcbfe4be390a8531f3ed3d0172b708e24a2b69112d00c22006f3574112f1b271f8a56e98c39365c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58213f.TMP

Filesize
539B

MD5
270dfa78d155aa973a258a197cee8fb5

SHA1
55e072e76cbcf9177de75f283db958aadb96eba2

SHA256
87cc9aa8bc847c451ba5b9f1d774fa1bc1b1b8672ec499610c5b0abb0a7a3f46

SHA512
33b5b601115707896dc9a31fda713d74e4f52ca52460828980028750e77792d96bea83ff66670e772f6ae46aabc326c71fe79874a1a7e322e99e135b8a871152

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\e74ed19b-73a8-4e2b-8ac3-83460537bade.tmp

Filesize
1KB

MD5
68851592b3bed0682d70ccea680de09f

SHA1
0246a630fa95535e102d17a37fd87c28683f1eeb

SHA256
d1eba34a6bc6abdf1f448dfbce2fffc55185b87b06855498a06e0f7ef5ef32fb

SHA512
693315afb727d9e84e708a178edfb87a6c2497d4ea9df7399d435d743ad4ec67be12f2106b42b2afac2a24ba52684e496058413f9aa275cd02d4efd1e39a8b88

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
b9a882625bd754e02ef79b8efb555e10

SHA1
f79073da910b32ac41d6de86c36e6b3422f88312

SHA256
2292116ae33f3ccbd1de2bd4533302141931d6c5c078fa3c5dece99206d03c40

SHA512
408d86c6a53b112043f861dd433eb4086eafd3a0186878d08151ef2e7cdc98121698dbef41ca53d6069fc9910eed2c93331caf9badf5ab7dba972b2fd7c93dfd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
f8536e2052b3ca46ae41329c8287bd63

SHA1
ef877652806b2061daabed5ba0abc85eff9391b3

SHA256
109be3cc2dfac5ee755c34cf276d5f354f18768a63e0f9fc8331c7229c4cd533

SHA512
39643914a80733f838a02f6c456234e7ec2577d70dde648b669bbf90eb225fbc9d2d77995f538d3a6f47c0bbed44c53a95803deb89660fc000e5848f5f32ca2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
6fdc7b9c43f0ed7a2d2a9e3bb643caaa

SHA1
2f6dfa03af1c5827e39ef36f85da891fef2f6eb7

SHA256
01936f51b652622c7c8ed3c12e537d57469642e468cd6e24b23bb4ae7ecce542

SHA512
80346c3878aafd15822d675af8c1b074d2c64b785b44fad482067bf02dd3e11e47c93a5c087d4d0786ba2aeff11f7984bf733a634d2cbc892dd1e39594c6d16f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
53c5569cd3ade9de6916f48338335179

SHA1
03f7da9e24ff26993a38178fffec0f63876cf8b3

SHA256
404f3dd129aecea5eb37f1b2568f9025c22c9fadf2be72a14b9e59bb984045a7

SHA512
691d251cc23c1420dea68242896e1891ac11c7a037a9c84adc85a7d3cc217a4ac1c4d74d04b3eab17f0b81427527dc318ca3b60425c80882464adca4dbf5e9f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
cdfcf9de1b718407da471364ba65c13b

SHA1
2dc7fbada020a1cbfe5b7f31ab4fdfd5cdd7b76b

SHA256
1f7ef609402ca43a4e6807e0e3181390abdea02a20a50cca2f2155bd1e804946

SHA512
ad3013992ed2b56a7deeeb27c8c936f18fba894b970ce025a384449500eddb7b716de59ed1d0cb8ea1f854987d5cb9e61424807434f8a6d1f75473f990e9d336

Download Submit
C:\Users\Admin\Downloads\DiscordNuker-main.zip

Filesize
2KB

MD5
80cac0ba9a0117f60bcc4fe42c76f037

SHA1
7a248d9c4706b37b2f888d034f3365497bac7172

SHA256
4547c3cb83d2f83894c1cfd38844affc43789c4ca2ed891c7c16c55288cf8ae9

SHA512
3dc849654524ab96b6702bcc279218cdfd3246b69d88f4776fb6e97c20a5078c43af48d3661f0e2811a5efdc27ba5b4ad4e367a4fe86f932538103db6b31891d

Download Submit
C:\Users\Admin\Downloads\DiscordNukerTool-Nuker-Tool.zip

Filesize
11KB

MD5
f401c8bd4ae41c8ece3eb806189e638c

SHA1
6f67b8e10cb8440ecbe9c4817d68d5e72e5f0ed3

SHA256
6a0645b2d86655c146a8b91709b631e8aaa83af8ab9fcda54ac032a813c70cf7

SHA512
a9ab45440a8d6ced6ff1e6436fd86b05dadd4f87c8d3bd7a59b3cafa7aa8e1b565edd432881e0ab4335ff6dbc152eb6d1d72146502452a321dd6932cea75969b

Download Submit
C:\Users\Admin\Downloads\Server-Nuker-master.zip

Filesize
43KB

MD5
90414cef642a43f5ac15c5d3ea801055

SHA1
8fdb1924ea4b47fe5763a4448bc674fed2ddc037

SHA256
99f941a5f6b613347aa238c3dbe0c7b1696f16237dc835e3c68e2efd99015d67

SHA512
71bddb88dc720ccd22f16207df5556693b028805608f9e7b5186a713f22919e8149a7629fb69411344e963ed482ecf4bc8f84bcbdb08ecafcf13482a285bdc12

Download Submit
C:\Users\Admin\Downloads\advanced-server-nuker-main.zip

Filesize
22B

MD5
76cdb2bad9582d23c1f6f4d868218d6c

SHA1
b04f3ee8f5e43fa3b162981b50bb72fe1acabb33

SHA256
8739c76e681f900923b900c9df0ef75cf421d39cabb54650c4b9ad19b6a76d85

SHA512
5e2f959f36b66df0580a94f384c5fc1ceeec4b2a3925f062d7b68f21758b86581ac2adcfdde73a171a28496e758ef1b23ca4951c05455cdae9357cc3b5a5825f

Download Submit
C:\Users\Admin\Downloads\advanced-server-nuker-main.zip

Filesize
11KB

MD5
0606cbbb39f4a2de272dd1912d53aa66

SHA1
da1488724973e2d5e2f15abfed59ebb9064304e3

SHA256
49ed73abc8b36c046b604f78e0c681b7d96803208c5c224db8eaefceb860a030

SHA512
bc1e5bc8b76bb1524c724ae595071dbbdd302f7c8ba6d47a0341959b8565e21f26487c94df6aa8e577935aae9d547e315bf75ab1e2c1c84b4164b36594e132f7

Download Submit
C:\Users\Admin\Downloads\multidiscordtool-main.zip

Filesize
15KB

MD5
99023f7409a5f2200ee50b035d9aeb77

SHA1
a1e1b3875ca50142d07bf1ed9a173c92404995a2

SHA256
5cc51aa7ca3da5f04c5d1f63aa99e94a0606775bbec3a23fdc1b398be33da769

SHA512
96af942644c0b67ce4a311a19e537049db1edb9a79f377e06830b331f732366cce5d0056d8a76ede737416f575005fc1a543254218b3ed70ddeef47c3f198eb5

Download Submit