a8bde37a3f32196adba2271e49c9bcf2d18a46df94e660418fec55bff789f88b

Analysis

max time kernel
51s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19/08/2024, 22:36

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

oh my pc.exe
Size

1.2MB
MD5

ee3bba8c89c58aeaf5c42bbdd40f28a8
SHA1

c2e6268729492181b00a54c87917cc3eb23a2b4c
SHA256

a8bde37a3f32196adba2271e49c9bcf2d18a46df94e660418fec55bff789f88b
SHA512

5963407b9abb37839f8a6572b29087fdeb2b96970bf4dcb9733fd632b0b580fdc69bb6e8f1687ce7287f2d6cd2d08c9841ea56a181f452180029e80ce982693d
SSDEEP

12288:QBQwzbWkO9M4fZKdTbvQW6ywbQFzCPc8DoTy2692L5CgOviXhWiKiJBRNCTC8IT+:QqubWkO9M4fZKdTbYW6Pbi5jOliKi1E

Score

7^/10

bootkit discovery persistence

Malware Config

Signatures

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000\Control Panel\International\Geo\Nation	oh my pc.exe

Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

Bootkits write to the MBR to gain persistence at a level below the operating system.

bootkit persistence

Bootkit

T1542.003

description	ioc	Process
File opened for modification	\??\PhysicalDrive0	oh my pc.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 3 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	msedge.exe

Enumerates system info in registry 2 TTPs 8 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies registry class 7 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings	oh my pc.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings	explorer.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
3180	vlc.exe

Suspicious behavior: EnumeratesProcesses 16 IoCs

pid	Process
4852	msedge.exe
4852	msedge.exe
1376	msedge.exe
1376	msedge.exe
1300	msedge.exe
1300	msedge.exe
1300	msedge.exe
1300	msedge.exe
1300	msedge.exe
1300	msedge.exe
1300	msedge.exe
1300	msedge.exe
3948	msedge.exe
3948	msedge.exe
4360	msedge.exe
4360	msedge.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3180	vlc.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: 33	2452	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2452	AUDIODG.EXE
Token: 33	3180	vlc.exe
Token: SeIncBasePriorityPrivilege	3180	vlc.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4004	helppane.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
1376	msedge.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
3180	vlc.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe
4360	msedge.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
4004	helppane.exe
4004	helppane.exe
3180	vlc.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4004 wrote to memory of 1376	4004	helppane.exe	100
PID 4004 wrote to memory of 1376	4004	helppane.exe	100
PID 1376 wrote to memory of 1300	1376	msedge.exe	101
PID 1376 wrote to memory of 1300	1376	msedge.exe	101
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4964	1376	msedge.exe	102
PID 1376 wrote to memory of 4852	1376	msedge.exe	103
PID 1376 wrote to memory of 4852	1376	msedge.exe	103
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104
PID 1376 wrote to memory of 4976	1376	msedge.exe	104

C:\Users\Admin\AppData\Local\Temp\oh my pc.exe
"C:\Users\Admin\AppData\Local\Temp\oh my pc.exe"
1⤵
- Checks computer location settings
- Writes to the Master Boot Record (MBR)
- Modifies registry class
PID:2280
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  - Modifies registry class
  PID:5080
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  - Modifies registry class
  PID:3292
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  - Suspicious behavior: AddClipboardFormatListener
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:3180
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:2988
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  - Modifies registry class
  PID:4192
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:3708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=OH+MY+PC+compilation
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  PID:4360
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:4284
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2208,3776548328057593409,2724458970139479953,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2
    3⤵
    PID:1940
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2208,3776548328057593409,2724458970139479953,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:3948
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2208,3776548328057593409,2724458970139479953,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8
    3⤵
    PID:712
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,3776548328057593409,2724458970139479953,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
    3⤵
    PID:1628
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,3776548328057593409,2724458970139479953,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
    3⤵
    PID:4736
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,3776548328057593409,2724458970139479953,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
    3⤵
    PID:5372
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,3776548328057593409,2724458970139479953,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
    3⤵
    PID:5580
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,3776548328057593409,2724458970139479953,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4012 /prefetch:1
    3⤵
    PID:5724
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,3776548328057593409,2724458970139479953,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4340 /prefetch:1
    3⤵
    PID:5984
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,3776548328057593409,2724458970139479953,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3768 /prefetch:1
    3⤵
    PID:3596
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,3776548328057593409,2724458970139479953,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:1
    3⤵
    PID:5316
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,3776548328057593409,2724458970139479953,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
    3⤵
    PID:5824
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,3776548328057593409,2724458970139479953,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
    3⤵
    PID:5224
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,3776548328057593409,2724458970139479953,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
    3⤵
    PID:5144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=OH+MY+PC+compilation
  2⤵
  PID:5232
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:5292
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:5816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:5876
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:5832
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  - Modifies registry class
  PID:748
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  - Modifies registry class
  PID:5636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=why+virus+i+executed+looks+like+memz
  2⤵
  PID:3852
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:2636
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:5256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=why+virus+i+executed+looks+like+memz
  2⤵
  PID:5136
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:3624
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  - Modifies registry class
  PID:6200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=why+virus+i+executed+looks+like+memz
  2⤵
  PID:6964
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:6984
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2280,16481243360981488497,13943816236987347446,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2284 /prefetch:2
    3⤵
    PID:6268
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2280,16481243360981488497,13943816236987347446,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3
    3⤵
    PID:6276
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2280,16481243360981488497,13943816236987347446,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2928 /prefetch:8
    3⤵
    PID:6284
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2280,16481243360981488497,13943816236987347446,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
    3⤵
    PID:6356
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2280,16481243360981488497,13943816236987347446,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
    3⤵
    PID:6364
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2280,16481243360981488497,13943816236987347446,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4576 /prefetch:1
    3⤵
    PID:2720
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2280,16481243360981488497,13943816236987347446,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
    3⤵
    PID:6836
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2280,16481243360981488497,13943816236987347446,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
    3⤵
    PID:5924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:6204
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:6584
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:6860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=OH+MY+PC+compilation
  2⤵
  PID:6700
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:6636
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
    3⤵
    PID:6776
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
    3⤵
    PID:5424
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2828 /prefetch:8
    3⤵
    PID:6800
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
    3⤵
    PID:2888
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1
    3⤵
    PID:3300
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5032 /prefetch:1
    3⤵
    PID:6572
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4088 /prefetch:1
    3⤵
    PID:6508
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
    3⤵
    PID:6424
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
    3⤵
    PID:6148
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
    3⤵
    PID:6100
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5820 /prefetch:8
    3⤵
    PID:7160
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5820 /prefetch:8
    3⤵
    PID:6424
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
    3⤵
    PID:5028
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
    3⤵
    PID:5908
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
    3⤵
    PID:6952
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
    3⤵
    PID:5524
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
    3⤵
    PID:5860
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:1
    3⤵
    PID:5444
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
    3⤵
    PID:4964
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3784 /prefetch:1
    3⤵
    PID:4364
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
    3⤵
    PID:2692
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6860 /prefetch:1
    3⤵
    PID:1500
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1
    3⤵
    PID:1400
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7248 /prefetch:1
    3⤵
    PID:7100
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6292 /prefetch:1
    3⤵
    PID:7700
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6384 /prefetch:1
    3⤵
    PID:7944
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
    3⤵
    PID:8076
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7632 /prefetch:1
    3⤵
    PID:7540
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7772 /prefetch:1
    3⤵
    PID:7248
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,7969699027959947124,2961966559125775061,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7856 /prefetch:1
    3⤵
    PID:5288
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:4980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=OH+MY+PC+compilation
  2⤵
  PID:6400
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:6324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:7084
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:7124
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:2284
- - C:\Windows\System32\Conhost.exe
    \??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    3⤵
    PID:712
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:2148
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:7140
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:5756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:1908
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:5420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:5204
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:4580
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  PID:6512
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  PID:5840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=OH+MY+PC+compilation
  2⤵
  PID:5680
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xe4,0xd8,0x104,0xe0,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:6328
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  PID:5868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=OH+MY+PC+compilation
  2⤵
  PID:7140
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:5032
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:5620
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:6356
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  PID:7312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=why+virus+i+executed+looks+like+memz
  2⤵
  PID:7596
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:7612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=why+virus+i+executed+looks+like+memz
  2⤵
  PID:7972
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xd8,0xe0,0xe4,0x108,0x10c,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:7988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=OH+MY+PC+compilation
  2⤵
  PID:7464
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:7476
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  PID:8140
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:1212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:7108
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:7364
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,13231300384887773447,16221303398966645451,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
    3⤵
    PID:7856
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,13231300384887773447,16221303398966645451,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 /prefetch:3
    3⤵
    PID:7912
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,13231300384887773447,16221303398966645451,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
    3⤵
    PID:3300
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,13231300384887773447,16221303398966645451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3468 /prefetch:1
    3⤵
    PID:7032
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,13231300384887773447,16221303398966645451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1
    3⤵
    PID:7000
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:6332
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:7332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:7944
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:7248
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,7931633710861221717,3411315942103165508,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
    3⤵
    PID:6928
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,7931633710861221717,3411315942103165508,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2428 /prefetch:3
    3⤵
    PID:2148
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,7931633710861221717,3411315942103165508,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2992 /prefetch:8
    3⤵
    PID:4924
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7931633710861221717,3411315942103165508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
    3⤵
    PID:3592
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7931633710861221717,3411315942103165508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
    3⤵
    PID:7448
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7931633710861221717,3411315942103165508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4948 /prefetch:1
    3⤵
    PID:1096
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7931633710861221717,3411315942103165508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1
    3⤵
    PID:8096
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,7931633710861221717,3411315942103165508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1
    3⤵
    PID:7000
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:5000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=why+virus+i+executed+looks+like+memz
  2⤵
  PID:732
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:4192
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  PID:1264
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:1088
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  PID:2904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:3472
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xb4,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:4676
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,12958133411213617511,14724690558531836000,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
    3⤵
    PID:5976
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,12958133411213617511,14724690558531836000,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3
    3⤵
    PID:1172
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,12958133411213617511,14724690558531836000,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
    3⤵
    PID:2164
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,12958133411213617511,14724690558531836000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
    3⤵
    PID:6360
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,12958133411213617511,14724690558531836000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
    3⤵
    PID:7564
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,12958133411213617511,14724690558531836000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2336 /prefetch:1
    3⤵
    PID:6388
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:6956
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:6928
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:6648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=why+virus+i+executed+looks+like+memz
  2⤵
  PID:7448
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:1156
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,18413505102510401215,12763881874718201438,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
    3⤵
    PID:5812
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,18413505102510401215,12763881874718201438,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 /prefetch:3
    3⤵
    PID:6600
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,18413505102510401215,12763881874718201438,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2884 /prefetch:8
    3⤵
    PID:7548
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,18413505102510401215,12763881874718201438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
    3⤵
    PID:7956
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,18413505102510401215,12763881874718201438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
    3⤵
    PID:6128
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,18413505102510401215,12763881874718201438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2228 /prefetch:1
    3⤵
    PID:6744
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,18413505102510401215,12763881874718201438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4056 /prefetch:1
    3⤵
    PID:6568
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,18413505102510401215,12763881874718201438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:1
    3⤵
    PID:2148
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  PID:7704
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:6304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=why+virus+i+executed+looks+like+memz
  2⤵
  PID:7564
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:6296
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:1352
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:3344
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  PID:6656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:3672
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:6948
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,12725748359776598679,17216875046036766167,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2
    3⤵
    PID:7440
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,12725748359776598679,17216875046036766167,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3
    3⤵
    PID:7764
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2176,12725748359776598679,17216875046036766167,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2508 /prefetch:8
    3⤵
    PID:7252
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12725748359776598679,17216875046036766167,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1
    3⤵
    PID:6740
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12725748359776598679,17216875046036766167,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
    3⤵
    PID:6856
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12725748359776598679,17216875046036766167,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3052 /prefetch:1
    3⤵
    PID:5800
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12725748359776598679,17216875046036766167,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
    3⤵
    PID:6832
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12725748359776598679,17216875046036766167,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
    3⤵
    PID:2800
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12725748359776598679,17216875046036766167,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1
    3⤵
    PID:4180
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12725748359776598679,17216875046036766167,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4064 /prefetch:1
    3⤵
    PID:7232
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12725748359776598679,17216875046036766167,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
    3⤵
    PID:5172
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12725748359776598679,17216875046036766167,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3804 /prefetch:1
    3⤵
    PID:5652
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12725748359776598679,17216875046036766167,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6364 /prefetch:1
    3⤵
    PID:1152
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12725748359776598679,17216875046036766167,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6708 /prefetch:1
    3⤵
    PID:7872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=OH+MY+PC+compilation
  2⤵
  PID:7528
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:5620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=OH+MY+PC+compilation
  2⤵
  PID:6840
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0xd8,0x104,0x100,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:6360
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:5384
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:5860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:7624
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:7660
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:3808
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:6444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:6992
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:8148
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:5536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:6600
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:6252
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:8620
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:8968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:8424
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:8408
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,815911889045943464,6895043886900927919,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
    3⤵
    PID:6372
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,815911889045943464,6895043886900927919,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2492 /prefetch:3
    3⤵
    PID:3244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=OH+MY+PC+compilation
  2⤵
  PID:532
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:6916
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:6140
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:5276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:6760
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:5220
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,1170171487144507380,14087233617721383111,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
    3⤵
    PID:9160
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,1170171487144507380,14087233617721383111,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2512 /prefetch:3
    3⤵
    PID:9064
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,1170171487144507380,14087233617721383111,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2928 /prefetch:8
    3⤵
    PID:9172
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,1170171487144507380,14087233617721383111,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
    3⤵
    PID:8348
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,1170171487144507380,14087233617721383111,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
    3⤵
    PID:8448
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,1170171487144507380,14087233617721383111,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
    3⤵
    PID:3756
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:7792
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  PID:7560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=OH+MY+PC+compilation
  2⤵
  PID:8780
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:5640
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2036,16275464722356524,12628068329126198188,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2024 /prefetch:2
    3⤵
    PID:7044
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2036,16275464722356524,12628068329126198188,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2384 /prefetch:3
    3⤵
    PID:3244
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2036,16275464722356524,12628068329126198188,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2892 /prefetch:8
    3⤵
    PID:8832
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,16275464722356524,12628068329126198188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3568 /prefetch:1
    3⤵
    PID:9088
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,16275464722356524,12628068329126198188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3576 /prefetch:1
    3⤵
    PID:8320
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,16275464722356524,12628068329126198188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4856 /prefetch:1
    3⤵
    PID:6308
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,16275464722356524,12628068329126198188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1
    3⤵
    PID:9164
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,16275464722356524,12628068329126198188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4000 /prefetch:1
    3⤵
    PID:7808
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,16275464722356524,12628068329126198188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:1
    3⤵
    PID:4708
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:6652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=OH+MY+PC+compilation
  2⤵
  PID:8816
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:8656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:9208
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xd8,0x100,0x104,0xfc,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:8316
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:6152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:8368
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:8756
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,8066729235388059954,2048514550247962847,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
    3⤵
    PID:7428
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,8066729235388059954,2048514550247962847,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2548 /prefetch:3
    3⤵
    PID:6856
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,8066729235388059954,2048514550247962847,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2936 /prefetch:8
    3⤵
    PID:6844
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,8066729235388059954,2048514550247962847,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3716 /prefetch:1
    3⤵
    PID:6156
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,8066729235388059954,2048514550247962847,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3720 /prefetch:1
    3⤵
    PID:7324
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,8066729235388059954,2048514550247962847,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4928 /prefetch:1
    3⤵
    PID:2284
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  PID:8268
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:7468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=OH+MY+PC+compilation
  2⤵
  PID:8064
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:5544
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,312432762400930518,6511102438942987431,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
    3⤵
    PID:2508
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,312432762400930518,6511102438942987431,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2504 /prefetch:3
    3⤵
    PID:8932
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,312432762400930518,6511102438942987431,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3080 /prefetch:8
    3⤵
    PID:8872
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,312432762400930518,6511102438942987431,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
    3⤵
    PID:7480
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,312432762400930518,6511102438942987431,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3604 /prefetch:1
    3⤵
    PID:3648
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,312432762400930518,6511102438942987431,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
    3⤵
    PID:8924
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,312432762400930518,6511102438942987431,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
    3⤵
    PID:8688
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,312432762400930518,6511102438942987431,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3780 /prefetch:1
    3⤵
    PID:8764
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,312432762400930518,6511102438942987431,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
    3⤵
    PID:4460
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,312432762400930518,6511102438942987431,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3856 /prefetch:1
    3⤵
    PID:8556
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:5584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:7204
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:5536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=why+virus+i+executed+looks+like+memz
  2⤵
  PID:6656
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x108,0x10c,0x110,0xd8,0x114,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:1224
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  PID:8216
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Windows\Media\Windows Critical Stop.wav"
  2⤵
  PID:1264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=minecraft+oh+my+pc
  2⤵
  PID:7356
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:6660
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,9504538192102324377,18446274421737287771,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2028 /prefetch:2
    3⤵
    PID:5752
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2016,9504538192102324377,18446274421737287771,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2552 /prefetch:3
    3⤵
    PID:6024
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2016,9504538192102324377,18446274421737287771,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8
    3⤵
    PID:8884
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,9504538192102324377,18446274421737287771,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
    3⤵
    PID:6604
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,9504538192102324377,18446274421737287771,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
    3⤵
    PID:8024
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,9504538192102324377,18446274421737287771,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4536 /prefetch:1
    3⤵
    PID:8760
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,9504538192102324377,18446274421737287771,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
    3⤵
    PID:7952
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,9504538192102324377,18446274421737287771,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4456 /prefetch:1
    3⤵
    PID:3676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=OH+MY+PC+compilation
  2⤵
  PID:8640
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:6420
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:5716
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  PID:7432
- C:\Windows\System32\cmd.exe
  "C:\Windows\System32\cmd.exe"
  2⤵
  PID:6300
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe"
  2⤵
  PID:5492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=why+virus+i+executed+looks+like+memz
  2⤵
  PID:6084
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:6372
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,11433321908185250671,11209879428340353396,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
    3⤵
    PID:5724
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,11433321908185250671,11209879428340353396,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2660 /prefetch:3
    3⤵
    PID:6228
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2164,11433321908185250671,11209879428340353396,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2980 /prefetch:8
    3⤵
    PID:6820
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11433321908185250671,11209879428340353396,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3744 /prefetch:1
    3⤵
    PID:3812
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11433321908185250671,11209879428340353396,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3872 /prefetch:1
    3⤵
    PID:7904
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11433321908185250671,11209879428340353396,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4400 /prefetch:1
    3⤵
    PID:8604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.co.ck/search?q=OH+MY+PC+compilation
  2⤵
  PID:7532
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xcc,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:8868

C:\Windows\helppane.exe
C:\Windows\helppane.exe -Embedding
1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument microsoft-edge:https://go.microsoft.com/fwlink/?LinkId=528884
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory
  PID:1376
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    - Checks processor information in registry
    - Enumerates system info in registry
    - Suspicious behavior: EnumeratesProcesses
    PID:1300
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,16129213783322757419,6685824097811382599,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
    3⤵
    PID:4964
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,16129213783322757419,6685824097811382599,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2448 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:4852
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,16129213783322757419,6685824097811382599,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2948 /prefetch:8
    3⤵
    PID:4976
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,16129213783322757419,6685824097811382599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
    3⤵
    PID:2904
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,16129213783322757419,6685824097811382599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
    3⤵
    PID:1472
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,16129213783322757419,6685824097811382599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
    3⤵
    PID:776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument microsoft-edge:https://go.microsoft.com/fwlink/?LinkId=528884
  2⤵
  PID:6848
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:3596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument microsoft-edge:https://go.microsoft.com/fwlink/?LinkId=528884
  2⤵
  PID:9112
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb161b46f8,0x7ffb161b4708,0x7ffb161b4718
    3⤵
    PID:9132
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,1555599848931828643,4565977807450103269,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2028 /prefetch:2
    3⤵
    PID:7940
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2016,1555599848931828643,4565977807450103269,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2492 /prefetch:3
    3⤵
    PID:2720
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2016,1555599848931828643,4565977807450103269,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2804 /prefetch:8
    3⤵
    PID:3560
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,1555599848931828643,4565977807450103269,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3640 /prefetch:1
    3⤵
    PID:8756
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,1555599848931828643,4565977807450103269,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3684 /prefetch:1
    3⤵
    PID:8764
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,1555599848931828643,4565977807450103269,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
    3⤵
    PID:2924
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,1555599848931828643,4565977807450103269,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
    3⤵
    PID:5672
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,1555599848931828643,4565977807450103269,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
    3⤵
    PID:4180
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,1555599848931828643,4565977807450103269,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5304 /prefetch:1
    3⤵
    PID:5172
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,1555599848931828643,4565977807450103269,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1
    3⤵
    PID:1152

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4284

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3292

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f4 0x3bc
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2452

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1152

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5136

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4724

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:6680

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:6884

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5540

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1384

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:6704

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1808

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:6220

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3872

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:6508

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:7204

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:7712

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3068

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4216

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:6032

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:8740

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2756

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:7816

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:7652

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:8672

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5244

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2844

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4872

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:8556

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:7072

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:6676

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:6364

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:8108

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\676ba23e-7584-47fc-a1cb-d5cbf8d7cbd1.tmp

Filesize
10KB

MD5
6b606567e831fb9b2a40049f9be42451

SHA1
133d7554cbe7a43ba24b72a7b88228e6e1b8c9f2

SHA256
3842c3a2bbf0a182165152f3e22453503e02652487c2ef1b9d5cf99d21b9726d

SHA512
ae627155a1c299e52fec60558882545f61439755c98b9a6525f5bc6d756689622265bd9e7bbe77b75eb7849df778be8e55cbb77630a8a5c23ddde3cc59b211ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\metadata

Filesize
150B

MD5
0c126e1ea56d6ad4c35eb93c7e03d53c

SHA1
d31c8edd19b5d746f4a4f209a208d2be4e2d74a1

SHA256
6bab899cb8821109eafa0e16b50d437a89346b0e0e1630a84d6c2622645510cc

SHA512
d503113e934589990baea81569b41a9f92bb31b559e66e9273e278268d08aa7655fd99efd535a1850a6d1c356835ccdbff1e26ff2a9ac07135dc26c151778d8f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\c8c58179-6652-45dc-949b-738622bdec57.dmp

Filesize
10.9MB

MD5
9651afc06c979a0cd2cf45df8ef05a5e

SHA1
83d9c9dbbaa3161b627c15b66ae1e4c2a7757d98

SHA256
16a51a2f423f205c3f9f3c909747b6c14d493d92ec3bbcbfd74a287062db3b21

SHA512
9c122f35b383163056d884bb0ec3fa288f7870366d986849ef8e51879213720e1ba8975386b2b387639825a7ac565e4ec9922eddb2a0d193d8c4155a2cb28879

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
34a9a1d94b9d278f365b417bf6b8a41c

SHA1
5e78576ffbc8435b7134412bdcfe0c8d54ac60a5

SHA256
bbeeaa01860018da10a8e527acd635fca0807e65ece9607c1b7f321d2470ee5f

SHA512
98f4bc100ce338818709358934b4de4a53e14560e3b5017bfaf968556d94c9b48106e27f01ddd7c2e6add3f65015ae5afc662eac7a3ba25502592a240aeef035

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8ca34ff58a518b4d44ddd36dde7f89a9

SHA1
cebc010aeabad76ec2557d770fb377059ec7c69f

SHA256
d06a2013341019bca42d80bffc4fc06aa09c2aba165abaac9d552c9cb3af7bef

SHA512
502eb5f47478ef00402b81ac648783d9de983f49cf569ac59e36871ee3cf8db89ffb26f5c9895c45225df5b64390f2b7462e45fb8362633090e382587a63b95a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
3c907c402a4d8e255ec4eb0eb021ce16

SHA1
9235a345b154cccbfdf7c8508780170e9306ac26

SHA256
446e57d46a0b16c1958b112668607bb50ba4e74efdb00c8650be402b6c7e7c1b

SHA512
f8982bf560fb7716ba580aa2952b21fe3cec66cd08a5e4e41522130bb1b585fc0d7211790b150ba2a67c09423f395d32574597f22194c31288d7f0a260d6255c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0b5a07a02a3589442336ad2c3047a1ce

SHA1
6501a90f1ab5abe248bc99c7886df3c805d855ff

SHA256
1e3b40191426ee419a9dae7f72ae2e0e7fcd97b4f77e3e040914460879732621

SHA512
1af49a97dd310dd738383f2c109a24f10a52c36230381d2721685a0165f9ce5c773ede85f8d0c3fd8cc6867c12ac3cdea7f7c45e4902bc35528102a585d9d799

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ab8ce148cb7d44f709fb1c460d03e1b0

SHA1
44d15744015155f3e74580c93317e12d2cc0f859

SHA256
014006a90e43ea9a1903b08b843a5aab8ad3823d22e26e5b113fad5f9fa620ff

SHA512
f685423b1eaee18a2a06030b4b2977335f62499c0041c142a92f6e6f846c2b9ce54324b6ae94efbbb303282dcda70e2b1597c748fddc251c0b3122a412c2d7c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
30743f1e736d471f977d83266fbd90bc

SHA1
64e188a13f10b987f8a45607b6fa53efe3561d9e

SHA256
0cb3b0247e6fe0162dadee4f82d8bcaca96d7d7627c87771e195401694da0263

SHA512
b33b184f22e79e872a12cea61be59c31b1fb9ed5dd5070588fdc6a271111775693dceda4cd2066109984a13305e9debbfd159f45d8d4b7fba7da09197b872b17

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d104f0747f0a19290c0f3cf0e883fe84

SHA1
7e4563772c64c2b72d781beeae6ff23ff13379b4

SHA256
889fa6c344f03b35981c57ad8d6057feeec871fbb09627ed1efb3b2d92d4763b

SHA512
e085516b0ff327fe4d8bcb031afb5e64dc2aaa059aab56eb7d3afd9a0e66867820db74736b3f0f632d3e1eb396bcca8d62895979775def09666ddb7eb44ff519

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
16d47b282be169a5e3b38ba843f0c231

SHA1
910df032b0a8560d4116d1a0f0bcc7db503ba46f

SHA256
fd8b4ab6c0240d48327db97f08b6c0ba28e063d6ade3505a2ea4e53f90c55abc

SHA512
cc7c522a2bee88841fc66c73639e2247d588e567a50e02df382762545cb684a2fadaf2ecedb4aa6295b3082b6b614f66ce52eeaf30f3a65da0dfe2273f1ea27c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
10f7404d869366bd0d126fa418d26f73

SHA1
1e3d7588e426148c1be590c75c10acdf186edba5

SHA256
ccb88b9c34f372bee6c79558d709d9510aee3cc0545f9d76fd7487c23a08cbb1

SHA512
286f65d7acaa1ccefc11e43765a8947fc0e91ae8e02db69000791ccf2d19e14feafc733e4306f1066ae993454f9b3d0b6d9d3b810a018587751be5991ce0bf1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4cad731a2693ad74ca6dd0ced627d23b

SHA1
a9d296fa0bb0b284c2b17a11b91747cc2ab149eb

SHA256
6b284b6ac3809ed4e61cbe5c3fbb9bd937b52a2ccc9ca685f4987316c3328024

SHA512
82791916b15cf0fb8ee5c34775549498d0e37d37fac298aface05c5e7d46a9abce4c5a81f39f964818a4094ad0498651e5bdabd93b2e973d060102c15fa18b32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c826fb5ce39ab51c717b335f138ab7af

SHA1
3c7f8334d1904763c7cd88f3650209a55cc90dc3

SHA256
18bdba72d51e2fa7d7e6e2eb7c2d423a7b55db880a9e1ff2c968734cf6b72f6f

SHA512
3d927e5c6a83cf328245bbd1dc6cf2c7e9fb0f18da0c250b88c935d74a5004bf3a151e19f3c0b5a1cfc37bd2451b7bb3dd6e7962b3d654e3ef76899246a2bf37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4453cbd5a571d8cd3e5789818b9e5d89

SHA1
312fe9c119ec1fb20a71ca8d24e18efa428a8af7

SHA256
ac5abed2feffaa383094b7039225c3288cc6ba007b51f024d1ec948289670266

SHA512
13d9833870dd5ff73c4b454bc522541581ddbd47156135555828de225e2f0bac07916841305fa5752f7c749ac7d23937c8ecfe8ff58080ec504a49633773f0b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
08d332f68b693d1a4d2de853ff3ad023

SHA1
0f6f4c1119f17ce59f01bb76c62fffadc682cbe8

SHA256
23ce6b59dfcb3ee81fd3b1b27b4e92a893dd73f9c29e2ab45b8561db01816398

SHA512
bfefdb9914c99b68ba65ad9a38a2eaa2c65cb962517bb4335d33d72a8690ac0ae9d54546c4a5b0e56919b08c3509c1f34b5210577fd6307195e00d7cad152ba5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f18b43997a94deb18959b8116c6980fc

SHA1
aad392c4ce20cfdd67415bb1851598d46bc62139

SHA256
e116d460b502d74594e61a31973dd43ce1d0533da72290ec92d868e2f4cba733

SHA512
a283bd63169ff9f1fbe2e72f5b7f31c7b4a50a24f58e4f58442834616ca8a83ba8f3b9814d8cad9b4fbbe3ab4dd0781c8df16f9e11123d72d27162583ba9546d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
5786ec84a319f8052953eea8da73e31f

SHA1
1e13964a39c59c3365fe9ab303ef2e96c9500d52

SHA256
656e118d208a8a348bc97db0c9a97042546c7a0fd83f0c8cf1964fa597ba8adf

SHA512
72b92700f806b56296e7923aedf343e5af8b6ad5753e0996a6b2b72bdd605828690a74363701d0b30c8084a577b4a015e43bb41f28333b856d2dcb5260599db1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
38f59a47b777f2fc52088e96ffb2baaf

SHA1
267224482588b41a96d813f6d9e9d924867062db

SHA256
13569c5681c71dc42ab57d34879f5a567d7b94afe0e8f6d7c6f6c1314fb0087b

SHA512
4657d13e1bb7cdd7e83f5f2562f5598cca12edf839626ae96da43e943b5550fab46a14b9018f1bec90de88cc714f637605531ccda99deb9e537908ddb826113b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a27a93dc36caba849782c3913fb63f18

SHA1
a95ab3ebef42e8b3650467361927e3c59fa8913a

SHA256
8a229943a925a2a91774eaadbdaef7df34b9304e29e33807568fc7ef5b3d56e7

SHA512
d7b6137c027757e456fe9b1a33864fc9df7070eb365961a53337af48e38a0097575c9cc0b38790a3d24e4a2a575e6ec84623e31693ed513d0d1a19b8a8cd6505

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
02105876dbcbc5ee94b57b44038c4cd3

SHA1
9af1cc5a34cec323059c7aaa4af4d3e8b9669f08

SHA256
1053eb7f447dc85e854a7deb5c54079bbe64e07dd3b5cafad78fe7bfe4a8f288

SHA512
86bb5397f76184cbe9bc3e3fa2a9f7babdf721201d9d427777ea9d1a4f3644bfefc2fffba8ebe441a53a2caea8e13db00b6726d070ef1afc6ad576a31ece4c64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\50167cbc-f82e-417f-9c39-2d295084d203.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Bookmarks

Filesize
1KB

MD5
97e1392754afca97a9be67097e1c1cbf

SHA1
e4ea371ef5d6eb10ef8f7fd3b7aecc8734644c71

SHA256
61ea13bb837b0c59e8eb1ef854c27ebab3718fc2b97151a76acabd856c5c82f9

SHA512
b494a44b8a235e9c14aaf3e5f990f9cc4e9059a3ea8b43f4329983b9b7c196bbde1838a0fc26be05cd61678798dd20b1c4487b575e2ad59c4a2b5e030c7b3523

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

Filesize
44KB

MD5
d8efcc2130a166a487061e1237b19171

SHA1
e2887502eb02c255ed81654d239708297082c62a

SHA256
c11b750437979c557ddb730b9c068cc6ca43c2ed2b928071437858fb81650b9f

SHA512
f050b4a6d026eb04e42b342dcf55593a20fd27a6eff9237a0cee21192451c529451027143f514a53537f942352af176aeb0f099d95da31ac3dcebe1df6e4b40e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

Filesize
44KB

MD5
10a0c2ee945c982921744fe800158f13

SHA1
51c5127736630c9dcaf2cef5a4c57efdeefb32ec

SHA256
8a277d0ed2ce5d0160c7ef81e44f69f4ab23cd132618cdaccd5f8205e0fac35c

SHA512
691305d13d7bd5f7b8dee9dbe2fe0db8417286e2e0122923c7b7f7e9d25efd57e52c3c8a9139a7b751efe0e8fffce3a6e3fd0ef16c723f631353f8aa30251bb8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

Filesize
44KB

MD5
7910b19d70a95c301d63be28be21b54a

SHA1
847a0f34f53da2715fa1c19c7f7bcaef833bac86

SHA256
dbb0a8606ee41e41573eb814a7e142b3f719256a4d2bce2bca9fa997472fe198

SHA512
d073061de35703f8fea5a861bf52a2bf6086951eaa974898cc7510c17ab112c763f9e3aec041885428c646e3ae09d07db999734af41b001b76191068253a3b22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

Filesize
264KB

MD5
325d98132c44f1cbc97c359d517e52fe

SHA1
d5d08f3b14697c4bda36fb69357667135e825ce9

SHA256
daf1d6b44c4ebe0ab4c7b8b9195e2099d0da314192f1dde4ea4843d2c5a8f8e2

SHA512
8f1f21829f8821765558f52f797aea35cf0287c0f054c94c8657321a7898a1a29ad2734d1658b7eb163727bade7457793ed74ceeca2e032eba800af0b89e0f0a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

Filesize
264KB

MD5
82df64768b4b5c896d7114b1f12a170e

SHA1
3dbd282f9222c7f8aa9475918a1018b878fac07b

SHA256
5bd216a86123cbe14c49387ba56666d59b77b63a1905108550a79d85cb7195df

SHA512
8b2fbfa16a6d597975e4421ecd91d84d57fadb457a2ac0a453d281d9835842367b3341d097726b138c4f0aa558b53aa399088fe0d0881205b1457c8a95b0438b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2

Filesize
1.0MB

MD5
bc2d92bfa24ebae33f840e913fac7bdf

SHA1
0007494535ff0afb0eeec13f6276da4127007a99

SHA256
28564be3ef1400a2e9dc6233654ead6572458969393bcb00f55519d09f2e1f52

SHA512
dd8e66011318f53d15b4beceac833b0d80e419c0970409f4f0747dc1fa0a49bbe205505fc0691f70a5596dc8d5aa4a22cd7f7d1a921fd95e9d285429dcc70bf6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3

Filesize
4.0MB

MD5
f60c2604f4c35bd642fe3b9317535c80

SHA1
eb22294681bcdfea1b6dcb581883a5614ac1e0b3

SHA256
fb5646f1268ddb6a6656f21203c68369ec9369aec65b923c3a2e32e576b0e050

SHA512
2d3c56dffbda3f258eb24c15a1e4684614097691c7ba630515efdbd88a5f8dec0d0cad7640490c0c9598c01f9ceb73a12668c6c89cee79ede81eb40975e2b8f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
24KB

MD5
c594a826934b9505d591d0f7a7df80b7

SHA1
c04b8637e686f71f3fc46a29a86346ba9b04ae18

SHA256
e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610

SHA512
04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d24772806200057e_0

Filesize
330KB

MD5
8f1bba0785bcb6c1030254a3a4adb055

SHA1
5beeb3d91ba0aeee5b3f6be181965e4ceb60ea51

SHA256
5da04f6b408dea56aa087b9283b2ed585eb92b3735f4fabca6d089a00b92fafc

SHA512
0ba3df46d29af0428bfe1cb4c1ea1e8d230f28cea2681b5ad6d7d564f89843d8ba0a0c9cb7845c69457ded03f0418360031826022b1e92b0babb6d469c422ef8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ea9b8918ad020319_0

Filesize
289B

MD5
98a5aceeb7471de0399a0c212671e355

SHA1
592a37945289ae36ea519595cb980a2f6b507b3e

SHA256
844ed4512ce984e835262e2454ccd74456562ef1efec5e0ba006db310c8c59b9

SHA512
3fbfd215d3582d98fcd02f803a909c66b9378ec8b199d38050f09dc1d0e796893e63aff300fbe008230f2e477522d58379e744ace4c70aa6253a5dc5e352c8b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
c2a8bc5b2eed94a93848c5eaa2c76e5d

SHA1
6ca5670475698ff69a15837fda16783357b228fb

SHA256
8b36f97bef27082a9497afbd685a9a5c167102617c93c08261f3278cc7bdb407

SHA512
9b1fe86b439bd128b4a8c5a842fffe15abd13b365e124172fda19b3dff79f57ef5bd85591086d2ec407ac12d3d8226a0e1b2157c29cbeca34752567510b18c5f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
f760df999d0eddeac7a1d802adbc2b23

SHA1
2cafaf733ba96f5dc71dae10971539ab318c9950

SHA256
11a7021a74206d54c2ac87cd5a4ee0b04067d67286c51c6f089ebbead7b2c218

SHA512
7476af79b160e579b47dd8fd3922b9c63def0daa752e69a8a31bad0c6d4a34a8e5ea2b1daeb4c7bb657d628a74057a335a209b7c75f4bd43a4e89cd9a617cab6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
1d8dec5e51d6d93fd378adffe4e42ea4

SHA1
3a363f00968b95245e3c4066d8e196eb4b2ae229

SHA256
de9ae45d5008e53bf3f0ca1b669ebf941f71aee74a0f5ec81869a4e1363efdb6

SHA512
dcfae65c0176a9811c8b82e79244389d44f07483d9059da47914925f31288ce32699752d1187791f201a2886deb6d52accae30780c0d8d1caa535dacb1542e66

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
a6a20640734f569a4afc54c277756ae0

SHA1
9e67385c0c87f407169b6509c23e0b6684ef59ec

SHA256
fe6402710e1cb77975be284e9cb3029df11be37f2d908c88cba730e8d9335b58

SHA512
0dcb7de6f040866986f73057a66aa9bca3bc7e1d579e6949537ca9542fa007b6d394a1694c39c009ed4133b26e6a7885fefdd34d0ed403efb710cdb16769b70a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
346cd9f65422f61f2bbcc58fd7dcaf1b

SHA1
e346f8ee27906dc98f2c638150a7e9d24db37979

SHA256
ad051b00d153e0d3a2e1f773f2155436528b90cc9af2f1a9e67b0cfd2519f638

SHA512
db290c2d81029519c4a757a6c556eb1aed9e80ec99a7134c93a8aadcbaf6f0c22acd378013a182ec4f7976411c0f32fcc4867b2ba8431a24872a5f13edf892e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
2cfefa114ba92d17dab3993012a3c8a7

SHA1
1c4d1567c7a933e1abc86150403447f03d910006

SHA256
8424f827e6f52c011a64ce183330a117996ee870fc723438f729ac1dfa5f438c

SHA512
16cef718b48e99ec76112795659baa2b9c2291022f106f7dc966e85726ed8281c07e74a10c2c11763cd6ba178c45f5148161b55714cd86442f449377a286c2f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
286ac0a77aabf6cf5f8bd5ade82c9ba1

SHA1
cfc79f2c3963548c52eab91546968edc02ef347c

SHA256
94774755b0041c5643a4d7f67965be3a4ad731bed93f73ea604a4350116165ce

SHA512
f4c07b7af99625a8ceec4f787e74cd6e318041dbfdcdb9816cb3a991a99ae156adb5feee846cccf2a88b9e252c9cd1306b9e96af67e1199a941d96363db202b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
61e90f566ba77baff892185379399b32

SHA1
cd14356e0d889dd1e4c3c29e60dc6240dfbea19b

SHA256
3fd4c50cc528cc205a0b31d877309fa39d30c96056c81b6e3c5e50fe6a6d4578

SHA512
147d0fcd29cf897e70e51b3005a0099147bc4f658c08c7fcbd31ee009b3d1486bb09c341812beed19ae471d62671de063fdbfafaf399ff3f28b472b489a28139

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
83c2749b78ceef1424292521935592fe

SHA1
058513e4cc5475d08ae6fb09bda7236ea309c1ea

SHA256
8c75d6bd277c10d86af57f9556b299113b45fa14b42c266afa570e93f3730949

SHA512
acc58428d3ed57f670d1c3e6cf1c8835edf07c6e0c5fd0d3c715ff07e8fa38256a56c0fab8e75e91de17877337db0a9fd04a8f4cae3f7b5d9900eb86cdb20825

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
3b3ddcf853451a0d0a367365b2180ff6

SHA1
e0e1176bf2d363e247d583ec73ae2da4bc081e1c

SHA256
6a3930c3c81aec40f9bf3d4e2208d4f2b18c5c729bf6f950c1853ba833375941

SHA512
1e334b7044ee109ff8e29b19adbfe60b1feb93ff24cefc94288641a1b5c6e83db4abe610ac7880b646094a375a1dcc3957ba6b7f5c7f70c275b38bc9e465e7d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
1cb37b8817a14aac1a53e2d7554817c6

SHA1
d8e5a504dca564cd9217e91c8d88204370ed428e

SHA256
2b460afda7d43f7f1e73d40c79aeb6789b52864c6a2a5f2a95f5f5b7fcad2c08

SHA512
e6ec35229d5546fd826243c41bb33590a9657a8e85bb415c5e0624e5bc2ddc231a1c6c77794caca3fa94235d68a227eba80f48818b46437ddf6a3e94f0dd8c76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
2af3d94d27451332450dd026ebaf0237

SHA1
0b1553dde0168db40afd1a026dd29cea96a4e04e

SHA256
4510dc8867f26112d0ef273bd92fa0cb085c3933b4588330ac4cfccfdf5d2b25

SHA512
977b21fd6b5a67cd50227c6e77a18c0b4482ed785ab3eb9314b054b428894a324f2fc2ec91adb10255b9ffb116602b078ab2f3a8b930aab044cd01d5b2f17996

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies

Filesize
20KB

MD5
0ab506af82d06717521399075814d6a0

SHA1
09fe3436ea8fcde0d869090fa1b357fa3cc19042

SHA256
6684fec6702a9dbdc319126fb8a959f098b864d786c6a72b1b43578d8e005b35

SHA512
c2989fdaa746b3c41bad6a4c7fbe199b44235c9aedb1c60b6781a929a8a1622e9f43208594bf4aa59f7149185c1ada07aebd298dd42f15057d6ff12b5b5b4885

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

Filesize
322B

MD5
38de74e1afab3a745de97cc805ab5f1c

SHA1
00258e6f5549909038560bf12260ea64740d06a7

SHA256
ffce87aa75537bc3fe1f277fb6cb4d7deff02a36c1c710ac7734cac5c9482fcd

SHA512
c5b94c339369b001b4cc265e37bcf24224ba2b8ebe2060ed0c3fe0cd894d12bcfd2d0bdd694377ade38a92333bf2bf22c3cac7aa10fca57234ca2b94f2cc1663

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

Filesize
20KB

MD5
79a8d33664ded3d294aa556f089fbab9

SHA1
e616b29ecfc520f8fdaca4ee46f62601e2a7fad1

SHA256
a3cd7872da7646402869f1d442865beaa07ae55d676a49644cda1a7e75617c7f

SHA512
034ba7851a1b83885b8b6e071645a83edbe7c77ac9e5fde02b5ac635f813ba26dbf245e918e76501cb90fe48b4b27b1c44521f382659c7cb891cd86c9900d447

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
124KB

MD5
ed6cb01623a0f1f27c529f70fd3e6d91

SHA1
ec78e95152457bd9247d82693ef6f5f1c4c5bcbf

SHA256
636762705a4ef583a72caef7935167e7d54c95195ebeb98932eebac50aff3286

SHA512
e7b7989c3a76e154b29d61c82c61b4ba3c22a42ca44ea0657c7916aef0635af69648bbe3e985e24b8ffcbd98ff97b431d92b0ffaa7d624ac5f703fd9734ce6b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

Filesize
1KB

MD5
c9c05a2b235b0d2dfcdf85552f24be7d

SHA1
f11657c72b28e5a7e4ae13ca8c4e718b993007f1

SHA256
e13e31c14bc2d5b8f6b8389f0ea62d70cd223671d27ba5cf425cf40634013110

SHA512
43a307e6227d90aea4ad5b4ac1b811d352875b364d6096cb982be32bb3d2c4c879c61975bf80971463294347b935e55b9105c6313a1b01524ac33909a1a8a292

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

Filesize
1KB

MD5
1f1d4fd24929bd9f02c3d072afef7bbe

SHA1
98721941f9897dcf84f3479d05a79aa1c94abbc4

SHA256
23691577f71a3977d4c9e06d53642d7fa5a9450b9ac130d4a6954001c9d454d0

SHA512
ce3a29ca5091b64f2d4d25cec4db1964bb230ebf30d4ddf5116fc3be9ba6180c6f72c45c4536f88a360f7c2be66ac49ddabb9edddd53dffd04039dd51f9ec848

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

Filesize
1KB

MD5
ee77158e87750f9ee48275d73953b3b5

SHA1
7149db39d6df7576271538bb533003703670ac0e

SHA256
ed3868377974b2e85961712c361dbd791b7b746ce27d5b37358134559a4a0e15

SHA512
7ec4f37451cd791c6d88d7225b2679cc5f55c9d69427e8c8dbe66d3a4dc07556feef5aa18cd592fbb153475928a2c4f6df7e95935b39c2ed35df280ed2e4d611

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

Filesize
28KB

MD5
9fe7156b56d83925c30cd4b8690b8f7e

SHA1
31c3216f57fe9b5f14c643c5c739d0d2becd41a4

SHA256
35e78365685eb6a99dd20c5deccb1d0e4a20c128d018620be0d54dc173744e86

SHA512
993e75e6e6cf87a6e0bbb72c5644dd69d6a3c988a7cd86ec94f61bb3ae33fb51428db6718812960a6f4ff371acb558fc3fc5b08cd7354e6dbd2a81c1c858e55d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
331B

MD5
8055d371644d5f1eaeb38ba74ee9771f

SHA1
8be999e38a6cfaca992e83440968b155d96bf2af

SHA256
92e600f758dee3ceafad833ed56e41ed517d5bc987ca20406c9357ffc2b87774

SHA512
8ad4091253693cf25bf5bca8a74f6dc0d3a91567280af71a4a319686ecaa4ad0ba5ea9e49cd252d6b5850562c7da92875549e056255e1ec635dc9a5db68649c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
248B

MD5
aa5c9ef101e0cca61678dcaed524270e

SHA1
94f9882349038ee458e04301b6ec123b0952860f

SHA256
cf77a8227d134ac5fec1aff2b71ab2d8ff3f89b588639ee06904b6578eabf404

SHA512
81717f814dbccb17f1dab5c07b48c63a43ab326bd764e7ffef704567a99356bdf66bc47e3a06b3cf9ae9c0d09e872d5d7415fff1282d7ef759278832a8fdfe1f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
ad88249726d6e4fedae5347bf278c4c2

SHA1
0b4a4c89622c821b596be4572599eedd6abcffc6

SHA256
0d533b9a7106efae1f64e777424b1589f7bd10a9f94af6f190bbc2bc3e9d7a5c

SHA512
c11f0899b628e2c2ece749174d2524dfd2a205d378f621043132a09c78ff3e7041d8a36f241234d82f12e0b8c244df8ab538a6757a1bdc79e37ab602ca6feb24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
7f8cf9b2ebd95d75689ab9ce80667dfe

SHA1
5a2660c4e749ee526cbf62698a862fc6ac1a137e

SHA256
a7d01c6117cb7c69fa19ed24f9d51ba6067d2acc72f0ab9a46f1fdae441bb2fc

SHA512
c6723363ab22794e1b718a8028d71c40ede446dd5ff3f57a941faf41f7e2f734cf20ca6277624700cfd4ce4b44ec5707457875fca9865180fb60bced5a64bf98

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
df13688bcad0116aa1d58f825688e6eb

SHA1
cae43ce1e4eb55de94794bdf76bf947a20e1edc1

SHA256
5e74fd2255f0917bdd84c6fdd4410d94761c735e077846d3ae09ba431777d40c

SHA512
e6b8e46ff4bbb99a5d0a4dad2239470de3bd5afa7a46ab5547b56ab237b54cfce71ee282603a7f193205f73941f8e5979e6ecea4a4cacaa75dd184076b3be959

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
819c8498b233a7ffd909728d5c5ce16a

SHA1
82e4b76a2ba0797bcf0952a41a79740ff8aae94d

SHA256
981652d4b6f05297273575e269820995ca16fa2e73fd9be69c37287b6779cede

SHA512
9b5ba509297dcee5af1c1a0c5ad11b8162609f6f552b1fadd748ee88c8df9918f45a78c8f17f2fc1beada982d000117bd48841e5c94f6d9bfeebf5e90c50ff8e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
7db54dffd2f2612731523f5cac309871

SHA1
5c5a86df231355fc70351f5484c530aa4b2c5569

SHA256
6e549d307b947b875e59cbb1aed94db1d160c227f5569a4193e2c18c92f370bf

SHA512
bd1814fe64f779ed358100cfca6269112988f697eb8a928d0bafa0ab92d2631e82a8a3f4103ce294c1a3f92777919038c361c7a36445be86d75710efa68a7314

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
05f047238d8a10bcbdcfd9bc37e86d76

SHA1
2992dd547f80377515c18f34c2b0cc867cc3aae8

SHA256
bfb5ac1474ea707e88dae2ddf7a330d22a0d86af492ec615a39264825e55a819

SHA512
1183904dfc9914735c73b3d13a7f2192c2ced594c9cf5ff6b7c94ec2ae4902250ffd84812f16a34cebc7c01f8b49a47671a4a55148cd4878907b368de7cdd9a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
19ec3353e5d667e13b44bb0bb29a9498

SHA1
9efab527735c487c841585256214bfa71dd9bd34

SHA256
39ea83c8ccafa9e5faa0add03716742e28a62de75f421d998442c0196315de48

SHA512
f1162777fa5893d6c4a0822ef9f0892ee863a36184de54c30811c5a7acf7b4f15b95e1cf8c1ee59b1e854befd39d41a40098d415da50457f4de4ce7b3f5abe5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
90d1eb93b3ead28a230402794fdd389a

SHA1
f6c174022bf8b54b4ea33a863e8f8c27eb978e31

SHA256
90798cb9b61c54432e906d1320a8abf177c0e8fca18f9888e27c868523d0d247

SHA512
1c566509970b91b5219086ed4f357959f98a5aef71b30f4afc4ff5e753b131e7357cf1c0555adca2a8203957728dd4cf33b8648b7ea4fc44f19a072c35a1172f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
6fd81cd43fb45d99f8f6720884cf7cbc

SHA1
f62089309e770c5d881d6fac4f6b1032f0e5d3da

SHA256
46185360b7f895129eab9d200ec28d4402cee23e3745764b9278653c02ea6331

SHA512
fbdb05f72769edfd2d14ba157b739ba29fa8e5ce9a4281226a414e646140f0e22da9e3cc994312a9be31d603d4be468255d4d227d841c4d98235433fc0e085bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
d5be3c31f4b3829dc8657384b3f9f3a5

SHA1
551c17588b0c603ba55de459cc3945fad5e5f6ce

SHA256
17b1d4ccac5ff01998eaf0e496d6d3bb34a0274b5611e0549722cfffe6f6e2aa

SHA512
e2cebd6b8d073109a1d4a397725694af2cf342eec2ec15901c9e6bb6824a233c8eab3656a9dd346434fbd20ac5a0a8b861f47d2f7c98af7aeaf8e137f6e02c12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
105cf88c6e472d0d720df7717a808419

SHA1
b9689cff04c1b7c59d9e70a639e16e67239042c7

SHA256
f826e3b72608e1a87a97b2e23ca64542b9453f99e5e8a7eeadbcdb98b04c6ff7

SHA512
43e196056114c1a98b109556e7f670790e0f2110ef687e58a2059fdd0e1a14264ff01ece4bc9b8fddfde23f29402d3191fd2ad994815e5aff1df0883f4ba165a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
b1599df12a358381c92c9b95a7904e0e

SHA1
ce898710252930a69d6ab28f7be087c0ecd4337b

SHA256
5153b124ecc2c56a0f4173614fd55f778b67be1668b3a4ca7102d23a184de7dc

SHA512
34af2c2d30687d89e3d2b753c7d7de8ceaf8632f2d5fab2fb62cb4d3408f5ef5881c12fb9210e222f1a427ba8a883be6a65c373a9a164eefdf547c331e0f0fbe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
5ed508cfc48f898e1b0367574b4b3c0d

SHA1
70aed4d5de8bf0b225aa33c5501a69837ba65298

SHA256
5b89e4d1eabb5a7833bb938bdcc522e1552523a7ce0b3cd7a158d9f97d3d004a

SHA512
b4074a90e059a3620c750c4f64226b14432ae894b8c3be3757e09d74935f09c95899acd05cebdf4dca050e4e4dad0a7368b81ebafa2ab77d3221a4afc36d6bc2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
68c694492fac09041f872843cc36b6dc

SHA1
0c29983bd6483f6a25cf3e539e85d98f898ba2fc

SHA256
49843c443aa1af524226b8f980eda357673268a3137be43ea7ef0f0879d4c663

SHA512
be50685023a9bad54e6118bd7f8f250ab7b31cc1c875c7fffb40e52401996d2da71288b1c2f5cd42be0501b07ffcea32ee702ea753dd91463431dec6ac250db8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d2a0d6136f668d82523439715169e2ac

SHA1
640b1d97910b4b2380a3f531b98f3ffcccf780ce

SHA256
60ee78f769e65de2bdf03cfb9b45fbfa8a02ac564efb23d4bb454f1ed63d565a

SHA512
41e91c8d24902088f21574126dbce210d58405cadc9e6351408484cfe033e7eb3c76d41c9b77453e5accad1fd8d021067fa7111be77630902c443e9d0af3788e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
52a28621713ae93a7ccc0c6847115af6

SHA1
2775071ef0d49a9c1cf12210482624da65b5e26b

SHA256
acb9832fb772a7d3268e49ff3d55e8f49f53ee14a689c995175c8d27ffcd634f

SHA512
8ef5aae500ce4b7ca81b07ca3017227717e81fe68f752434ae7d97aec723e5bc25f92e9d894c3573f677b68d99b1189101e840af7dee4c3a2ecf379e779c31fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
9107f40ccc49289d064eff9997388c6d

SHA1
87405a45075ccf1eb8e3d880a43a361b0c4d8ed5

SHA256
577eb1385d82daf4be980de5f7c5a1b8ac0aefc665bd5ec0cec2bb2b49257ad4

SHA512
07d6368d8e16550f0f3f85350fbcdfe1184acbd51eec692c3906f3e4151335096c4828aaee4928e69682883cf9c6ec051b95c5be30ec3288e663b315ab9a9f95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
909b234a4138a09fd3e19e3f2dab956d

SHA1
ab729548a6c2ba51324e9243ecfcfa368dea21f0

SHA256
eed77ed0fc97fba17af677ed6449b1ee397a5b0faa37d49a0f17288e1cf0866a

SHA512
694cca4eb043271e2377143223c66fcaedf6c232dcd9bfcee2325fd36de68744aa55ffe8446b171d13f15e4702302ca62c34090576dade22f85503085ee2263e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
cd0cee714721e26fee29a93f6a26a273

SHA1
502e40310083ce2ceb7486a7164f063dc4d0214b

SHA256
d162a0c2a2a47e2c5add605f1f995ba9cb3964b4dd033ea99528f1a7bfbf2834

SHA512
71f3106848ee5ffaa55e076ef0e05c796a3669ca8a3c4410901427f991838bd3b1fd3b7d7e83c1f2b37fe4a2cc815c2bcf07a35d14f6c6e57de8358b6c53af94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ee3f5d7ced19c5c1c068703838371506

SHA1
9446026acdbd807071e5f6105fc9f95f909a1af7

SHA256
f1a616aa14cd6fb9b2c82559aa976c303be6663dc6ec04a9f568ddc29480c379

SHA512
b8bcfa7182dfd4f60ed87465217a9bd479d156df9d794adf9df5b05b259fe9b96da2d54bfe8232283a0376aaf27c4a15121e7470daac0802e131649307d56b9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d690c13088c23c033361d54f1bf03cf8

SHA1
22e9032bbb7ec623400b29a379b45fa86c202833

SHA256
a644b2c97a8742add0f5d4c53a0b50a502a5eddb251aefb6cdb642492de8c395

SHA512
7da7c6f86a5383991f7f49d468ecebb382de5a56da23ec51c8f5014c4bd49541f4ed4974636dce16436a0d2ca24c3de0d3dc2e42a4862f119258a549d723c5aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
32dbc8eb747bf8d3a0b9900b2c9b8ab1

SHA1
ad637cf6a69896613fe4dd4e71ee365047614489

SHA256
df8bc9a1635f9637eee85ccf72be8f468f4cc336d3684afd2750d091797427dc

SHA512
5923edb4c96a41b7747fe7dd13db5fadac36900a4f28c499668e10069a3875a7edce8ce19a2ed1b938f91cbb3f79c7af354fbbbdc141b5e2f498f187821a81bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
97af7550d8f5c5ebab24dd7fff29be2c

SHA1
3856fd8a903878a0686d7c4f0c7d28d8997b4280

SHA256
2a6aaa25e006f9707f572a4bf8829c3943f45695d07baaa7178e08b63aec515d

SHA512
518639c2e01082b7f9fc03d36eae43ea0fc212bd102e3df3d134a4450c9be933ddefe735cb2da374a55cf6a2a2cc5f4c12090b590ff22c1deaa17c2376e738aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
81bfdd648f6080a0835db3d3a7ff177d

SHA1
9eb2ad04e37a3d7eb398ec0813ca7cdaa9eb8604

SHA256
c4fd4097c78738d620c451cbdf0210be8838dfcb932e0795498cceba0095f5c2

SHA512
9bacf7bde2aec0b5c7c45d6acfec5ca0beb74ac23e29d5328a9fc40511665c1c699d2479977aa6b96779e3707a35a78f58ab15028e0dbecbe96434e17fd74c2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
6e2432f10354eee436c7c02c58a96669

SHA1
d016820a0d6ba59336725653bcfec1acb632cf24

SHA256
2b0cb51357bef0624bd309d5dea3305bf4f8fe30e40cdebdeb397ba4aaf74082

SHA512
9819bfcf82336c482d3235804da6672cc7c75c45233010b774a5ec4e8670dd44bffe1dbbf9b20caa6e1af96907a45481c22ae12b570e576848f5adfa5d5858c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
2a72e97c3ac22c0d3e2ac7e6bcc3d9d4

SHA1
64dad6408654d56262c2af0c995f7db8a1ac06eb

SHA256
2607fce9e3e299279a4453076c106bde8f369eefe6af7da7e3503f569ef83ca5

SHA512
6bd60b091577118ba0e07baf19a2955ccf6956992e0f95a5bd6c88f72b72b986855216a842518825bc0f3d22dc9bef4ba6c41e1a9316bb2833a1e13064f0654a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
29b896f1ff7dbabcb958728a195fa70a

SHA1
84ea2a551fee4f9bb53cad70cfdbdc0cb2a84cb5

SHA256
4200ccef7a72c594c78b8e3b4200fdb6c09e0b89d3ed985a7fb14e9309590233

SHA512
5e3ca600af8eba734f232c1d42e751f4815d2b7f3bf7de8374117bd4484fb56f9cc51ef165facf0c6d212aab4b579b8f662b4a0fc8e0716b1fc995b469663e11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
f5d0ea3afc4b61a88e2df535962e0684

SHA1
90fa5b5a08ce4f6941edbe6b8513868906fcbc53

SHA256
738cd4be9778011b6b3ba09eb86b65fcfea42cf19104ece47626bcba157b0f55

SHA512
23a8382f64fa045cfe0483b0a7400287538aa9ec97ff81fcd1ca20d4144ccebc156ce493658b087ae4b51172d049b93ec3f0418effdf753070ad6b260ea26879

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
239fb2e46f1528ed61d84d3c514c828f

SHA1
aa4a50fe6227ff864e0eb117aef791d139485ac9

SHA256
2a99c2870673eb311b5ccd404a720bf3ffe98a167e0f23022456f1e69a5ce178

SHA512
403533cef4e82f634470d9e75958ae8f3b2f1dbffe06ed28ba6068aa8bd13409e4d0da16ebe0850d757f1523a87fd066f4ef11aeef40774bbd2f31231d510b25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d5fa9e82d98c8ede8adb355a1210bd73

SHA1
7306798c6c55ba28d5684568ae19b6543937a9ca

SHA256
645e103821cfab465b2d9276cae3cb4ae2b2c4c20cc3c16a416ee7f7b7e561a0

SHA512
e6b3f90a08cd9ab8f8e116a1321dcab652190d7acd274274e9e416020845f648fc2cb41cd6dd001c725412041527d49bd8e68f43576f4f4e2a8ac5334938bbf7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
9a9e159abcad7dbeefa5f5b2bffde617

SHA1
99c0419a8797588c2e9c73ab46e31bfeb61bf3c8

SHA256
45ef1b3981366600ee9d80ef42817f0811e0abd60b3bbedce5286e866fe19e08

SHA512
e554bea944a537271d368a4ff2007d7863a114ac3d714b6b63d6ba8770985d362fe675e724abe2106de9573c5ae13da2abf666090f3cf5eb68411b17126fabb8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
c885ed546ae0d6d4c4fba7253ecae771

SHA1
1b63614654a1b5a4e48da7db3b675b0b2df4ae52

SHA256
f50953320eff470703e5cc9a75c968c293b6781e6b368f6501dbc93e60e4734d

SHA512
66a20f25f74d3e81f1c53450189bc66a36020f20327ba6ae9a31456572dd154326713cac83ac65bc23ba9b5555b8b57635fd558d4aac4f7d324bd191f2f0dbf8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
00ae72c57d2bb6208c64e56d72aa8e04

SHA1
c3c11b08f17efd87a743895ddd52e5b602da436a

SHA256
841dbadf386cd6af447c70a59db114efcbbca816062d1864ffd8a82478cfd162

SHA512
84df4a617a1b2dea95bb9371357e44bb68acf8578fd1c6cd6d72d280d21b2cc454828d57f3fb170f9efb046327026442750297f877258d4b251be334d2dca370

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
4d6d5c88fbd3d56bfc6595c079416958

SHA1
c9500b4524dd4043322b082ddeb2df35d4682687

SHA256
dd92f8a73690c14c017a70f5f208c8b8f3a8d268cefb7efd6bdfc81e5098212d

SHA512
98e564a119126a71332775732d15ba6e111a21187611049026551e0d0b2ef3940fa9d05653ddd4ba17334d34f812aa1f795c939a67771a1825e8bda5c57f0d71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
0e7a4b000d21574244e22fed4e32da4c

SHA1
446de15f95d9d89c424db1dd673a667b004798a4

SHA256
8226d2cd0f404bf375c36076100250106447f912f81152cca678d8b6b9c2a392

SHA512
cb068afb1d4c339a9f7256997b3dfa7dcf4531324d354b52dcb83bf57a05df198c3ee3242638cf98b85170526f1caec237a96d1d8947791d706d1de8247763a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
627d17934735521257eb2fc07fcb1dbf

SHA1
2c38cb4171eb1b8fee13c312026168d019a218ff

SHA256
32214f55276d3ac35d40520922eccb9ce01660bb90b511abe562d4fd89162520

SHA512
0df709d32c5277aa77d637f45dbfea1f13da27259056cd9f85791cfc5316b1b7474b03efc3b59df20a04e4ac93cbf5346e035a33c9c7fe9c9c306f45bc5101ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
027b5ca94e95273de07ba515dc14efc6

SHA1
478a81226f48aabb53c5ad83679f65c758bc8e33

SHA256
c8581737cc12411295ff5517c93bb8613f23b8c11ddd24585194c589bba6870a

SHA512
53c0a49ccac95a63396259c0d8a71048b16a13f5a67b76e60e8287437e20b1c536be871d99bbae314967b9d532061dbf9cb32da295798a798acb695c2a6c13cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
eab95acc7a3e818551ee97ef7ff086a6

SHA1
8a098e4efae2d5820ce76484dde5fc7ce1a3462f

SHA256
f4885703a3c9839c7c9b3388c1b568c056dc4c851b94a80cedb87dd62c1c3695

SHA512
22e1ce3024b4472b1ccceb276521424951f78264f1d3cabc632f28748bc23ced13b8b73c4f614cc21712d9a627ff5faca29b1a9894084da336164920a3779e36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
76924a5862fb6bfd8f653e53add1b3b6

SHA1
95e311272a4806a0e15a34b1f28b656c5f02aa30

SHA256
a68d4ed1b5e1c318f9825567373535edcc1c2d7e364fe5573d062160ead88ddc

SHA512
9125bdbab7904d24cb8f2426d03ca5230829b8db2c55db820604c0bf41f9686fe806745a3f714d4237cafbe274238083ea26bb08730e3c999122b9c5c042e3e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
61c4b65c45767dd1f0c10fe151cc214d

SHA1
7d891265d682073857f6edefa501747484cd3f25

SHA256
12c05ef93728a464d2ac0dddc806b27369096dfd2d91c21fac9119303856e23a

SHA512
066607a1698ccd19f621126f4a03bf7ab3779852115c20028df2539984809362b41a2e4b2464c34283a434fe4bef83db02c125d5e284ff0ae66661afe38f4ef0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
18ee8286f85416940f6696ef3a70d676

SHA1
3df5e5b684af30c0266d1876feef809a4fa07fe3

SHA256
cc6a9daba648e6257fffdad371bcf1b53fbf295a2c78b03f4b8437c4da6f171e

SHA512
8352ca808fd6c5c319147ec3230e2dfcab1f75cc6784c32e91ec22e522b109597a6d37febf17d8e9816369304c806f8f2e554538bc2c6ecc85daec4d033aea5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
9b1e9bd7a3658af27501bd1c24a6a166

SHA1
0f923ef835eef7eab27ae61bab84c94a9c345336

SHA256
2462b6d1fa1889fbae74940b9942ba8f8f187721fbf6bf18b721a9bfb328bbd9

SHA512
a6b32e9e9ce6cc9abf059cb01ce326916af23ffdb46aeadd30f228db10ff5a593da95afd891d4c13ecd8372dc535ef2d53feaac097d096e077a80ba3de43892f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
746fd5fa07fb75c07ed02c1ac7e9e642

SHA1
ebc2f53dedc1499bce6896a989fa5bdd389f6de3

SHA256
de985c8a4b6355cb6f02b8300bb18e50415625c8d401ed9ca734e6f20c9e7412

SHA512
9dc7b7d33d8638ffea77d3053175772dadc4fe5ff8d0c1ae81a04a38b87c66e8a2cc038f95d316b50cd837964a32c6ed78e892555724011838e458b9b318e56d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
f7d5234b96d1bf35a0603925996d0f6f

SHA1
f55d9119443c910eaa7d6391842f010b59792353

SHA256
4667035b3ca8f9104734adf7f89ef47b4c9f26dabf657884777212cf30e31bd8

SHA512
d92491353f9b4e4da8b6cffffd1bf07f4408c97bab202a012d98748a3d2f668cfd1153ef8ada7f779636303a1617050060b51c17f480eb5657c528c58021a5ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d3f9eb849744d5a72b826a7eed40fd91

SHA1
c702458990cf068b88ee6be51a58a082f633908a

SHA256
1c813e9f18b5ba85191e40a17eb9b0a1ab72c8a48e92398d16a440c8401f0aa4

SHA512
2e4ebe175b73724a449155a04c598939b457ccd195369426c0b24f00622c34539cc8327a0c8f2f0ee7d0169a009cecd7ed19fcb7850155a0fdd84c0966ad2726

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
5f05e85fd84df4eb5272ad3db33f4b70

SHA1
4a1dbb32a31fe3196a21ee645ccb2ccc58e96199

SHA256
6aebe289ccf99ee90363c9861b2d99afaaed8f8fcb93449615ae8ffecc72a129

SHA512
e3fea3025036d51b147c36702f89fa5a9f03e153804ed42318b6e798b8f65d55a5045d89d8a5d167f35f20baf07d9c18b770b9a2e2cd51db92a39d40e8409174

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
1250f6d31db43a1e4191e8eedf056d07

SHA1
c8651f98b753e8173a9d9c650bfa77df242d1cbe

SHA256
9015fdec5c2ec85b5b6d0b87f7a3d7e6dda2bc63e5a712c9eec5dfc1a3d53cf3

SHA512
dabba048df7639d81fc92c8a0b4cf2d1b515be0938d7b3e74ac5dea4017013f545d77e12e69572e466253e1e1931f09ca964b453d350a65a7671bec3ea86a586

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ad6e693a2fa01f36ae8de1096c3c5dca

SHA1
4287d07728d0e1c44af749ef8cd128b47c79470e

SHA256
768d8f57f76c5f41a169855b1b91922a341a2cecb39a1530c7b9074fca6bac3d

SHA512
a8a8539abce9f6115461293e00ffafc87d28bb52002c2fed263e0592331adbf22d46438c3c8f51e9d156f226d77232439ae911541e9af0c05e3a3c17b40862a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Reporting and NEL

Filesize
36KB

MD5
97dd470dd89cf2e387454d8f8b998013

SHA1
8048ea355f23cfba75fa12013ddcfb2dc60cf7f6

SHA256
db766ce91b3434ed2fff5c282c7fb23f1c089042717d1a60d91e501566950ae4

SHA512
5fb08806a5003b9cf11d0f3ab8043fe38632e2f819a595d55f82fe771eea9afb443c433743e0a1474608dadcaa184ca06fcbdfdd70c51bcdf5fdfa0b064ae3a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

Filesize
7KB

MD5
8f8c2b1f68a949642723cc039201a668

SHA1
89117ea68e2103069fc64017161b09f206e57cdb

SHA256
82cd15e3f730f887fff6d0f8650e7ea160ec754f8f087f9a2a4d8501b15ade06

SHA512
fdf9307c0ac09f1c2d8bd57c04c448bea47642d7f45646b954e5f1bc4fc0d843a7977b81ac58684149db6cd0d8486112f46fdfe86ec1c2c561d26b937c031747

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

Filesize
137B

MD5
a62d3a19ae8455b16223d3ead5300936

SHA1
c0c3083c7f5f7a6b41f440244a8226f96b300343

SHA256
c72428d5b415719c73b6a102e60aaa6ad94bdc9273ca9950e637a91b3106514e

SHA512
f3fc16fc45c8559c34ceba61739edd3facbbf25d114fecc57f61ec31072b233245fabae042cf6276e61c76e938e0826a0a17ae95710cfb21c2da13e18edbf99f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

Filesize
319B

MD5
5b5dc1db7e47d2df6ee0570fb7737dff

SHA1
c3c49b585ad562aaefca4ee21ecf5c9539a2be1f

SHA256
5f39291e48f98d697d48a5722e18d893cd4dd2fe03396bf4d0a8b07b75356396

SHA512
5f2fc5d75b39e9197023bc40517e29f6b1fd3dba6d7ae3ac27a4b8b11fa8e8459079a6cda5038e8b7289b40645cf68184ffe08898eb96f682f3f3c5ca87bfe68

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13368580648126334

Filesize
2KB

MD5
d65975e4fceba3e3fa635d8edf7dd716

SHA1
034472a16fe7af7d05098553250210a70a98cea1

SHA256
05b2464422abca4a75a21ffc32b85e4c60040ff6198ec3499dbbd61bd70c224c

SHA512
6ca0e2781a06e10c57a3e2811ee68d50b432f7965e84960ab5fbd45e230d927f8a49bf99d3e35efed57980a70141d50277e3a4e0e06ceac0fc0ea57babc86a28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13368580648169334

Filesize
3KB

MD5
dff979c5020743af01b3ede240c7f242

SHA1
defd6aa1a8f81c0c7726e3eb3c396af3c26a20bb

SHA256
d832b4bf0cfe14d1120e9260a95dee00deeefc3b9a457ad95c9bfa86b8cce6ed

SHA512
bc9af623897ec1f06c6ec80717c32b64e92f733a0bd65389a0fc508f04b680d47d33405a93221814ab9fa692cfbcf21df3058b60ce72ecb13decbe57e88de5fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13368580715563295

Filesize
32KB

MD5
d0e72e993402146a848315ec1386dadb

SHA1
ff6f0202fde285fda975e5bb71a33574d0da762b

SHA256
8e1c7f84abbb6568e9075f850cbe2837a0e0f1c6ed69bb4310117ad45cd5f664

SHA512
f3fd609970f4af635195d25d95d6f73287a7faf432ed454ea902b751bc7022eec05cdaa28a6bc5a824d0ad5b4ff1f22610473a43a3c86c3d4261fadc12e26e5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
f829c2c9e2983d834f7cadd0a2b0777b

SHA1
af546a4dc995858f50dbbebb5361ea85d84a208a

SHA256
89faa5948a2ff399b927754907d6833af3ac4981ce6b15f6fc35c60950a0b72d

SHA512
8d090e445fb1a13bec64ec18591ea3dea7b5a246d5878b6f8a485313f8074767edd5705c3911f84d1f50899e2213c685650686ce716ea639c95b0adc41977512

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
323B

MD5
8a9a43c9e5f4cdd2f22c8d3e6254f45b

SHA1
af842c8f79464ce8283d1cf187425dd0a479f5bb

SHA256
d17e1cf77d793e9be122887cd3b825f29e76c1287e987b77c2223c7c58c9fda3

SHA512
3b6fff7ea8a384165b1706685ac8fab8225b4e8ca78f981865b40191054fbc854cea47c6fd034f5ec0e3a27902c695eed704c2296544a8cec78a7b342923b772

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
9e4bc3df735c0c4af7c0238cc81ab311

SHA1
da17aa412c4f19b9ba0315aebc7866684b410038

SHA256
1ac34e655885ee23f91f5f8aa5345fe029abe3ad634dd69d58071f9de2b8e645

SHA512
914773873e5d8d7167d8ec5ff26c2bfe19b68eac3634fee9a2bca220b942d051e60c4ca07c7403c5d99a2c819532be573b5e634fb6563b52ee887012b73c387a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
d4aa03ccb54342453a65425d1116784a

SHA1
7bc806ddd230b84ef5707ed9b3203f0ea5b3cf81

SHA256
6894bbcf27947e24a974bc95212af8a9aa6d8e3dc9d1852e5ea33eebf6087a7f

SHA512
afe0021e5acd7a203c81fd1e96a029deab12cd240249994cd71317743ec821311df2f6f5daea01fdd6c36b53a1f913b76348a6df40719cba994a7fee44f5b0b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
89e32a58735ef1207717825fa941a58b

SHA1
54b507fbcbb2f73c7fc76a9a2424e4e13d3846b7

SHA256
75cd52c1446c6c2d313c21b9413b6c9a35615569fae115d1ede85bd6c5566942

SHA512
874ee830354d9b1648922698b54620b8a65f0de65a0b02a64d284619a4b1007d06363a836aee0fc38000a359f69551d3299633217a563a2392a8cffc85c85c5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
b4141b5f2c94ccc20161803c2997670a

SHA1
0cb26d6d9c1bb23a1b01e51e5a244cb02d8f81e4

SHA256
1b88b165bc086bdc7c73ad1a597ffaafe4e150339eac0ccf702480e5fe153a02

SHA512
f1def062edec4daee93beea45c27d18353e5847f91ca687c8d9e68ff2d01a28b5922596458c2db566f32c1a714ecc583eb04d12d6124faf7321d8585cec9f153

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
5159b014ef6805348241a750a0b385dc

SHA1
258548643ecf19753b832667e01877f811d5d4cc

SHA256
5a878a223a7c44d104cc5c2d142e8df5b859922e83ec4811734e17ebd75a3ca0

SHA512
d7633c1fd39b2b383c5bcd12ebcc8d4d1b08c82cd8290df33e541d3f72b8423c2ec40d77c3a2470897e00e30369939eea8ba88cda0e6d20d30879cde7741b87f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
236b10be56bf5f6da7218bb2345b98da

SHA1
cea3bddf4b20839cbb60c6bd8a6fe80feb46fa13

SHA256
7fbc1b6c28e63cf508dc155dd3c80505947c995138298c34e406d15d1939f5be

SHA512
d969f4221384942f7aca881cfb75b60ae03c30e631c496a4944fbaf17b6f38d115ef4e38390132647b362fe4e84da18aaad4d4b6fbdfdf48a81c2cc3a5c24ef9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
2ad2e297adad32872721ed0b08847a40

SHA1
a6bacb433b4a9133444aa9079011b0c37b4820ea

SHA256
55aa5dc390b29d2a028a76ce2b4ab107f5e7c9d450f04095922cd0984720d063

SHA512
5cfecefaddaed93a35439fe72a2018029f858bcc2217d450045e8faf173ad3e3b66e7280bacb4f7051eb843cd626b37d90f9c21a083327e7e2bcd18acd1864f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
1e502423c9d7ec58bcc81c9142bb666d

SHA1
c6ce83b58b6acfe5202fdb8f5438c6af675fbff3

SHA256
c1c48f303caceb5ede911b39cb1a23118683e99d3fc0e8aef944329d8b7cb66c

SHA512
204c4749fbebbee283c055277b706a618d684f4435a59dbc9f58a2172fd03ad141312f71a173f5a4a6c39765daa92ddcf2f2406de1c2c2d47e3b2fb72b8fe224

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
fd6f61febd6e3a08fba1eefdf8c69f6a

SHA1
4c07e5ce4b15864c311143d0ca7b05bb0ede2b06

SHA256
0f6676d4e2af165d9820dc11b058cdc20f0a077bf5a344655585817a12c5a879

SHA512
48757dc0d0d2617eb9869ad48a1c9eff74469ca57df7ee2af4bc77987ceaf03af778657fc891f749b7038f11e7e432e5d10afdfcf57b4488a20c1a617325cf06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
5609ebb944bf6a4fe1443b25039a1e39

SHA1
f85d93e9485988204cd1901aa565ea4b40f9754d

SHA256
bbea774989049b10d95deea701a696c047fb0850a6e91910cb0c131d6e161ae8

SHA512
dfd3e02fa0df3e1c12e87a65fd6845f578a687a1ba118ec3cb894231076a61199605adcfaa5bd8f32948df61bdce1d9f7659e01cd162c0788717edf618a14005

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
108ff13b4b1f53a14c6baa2014f22629

SHA1
836bcd30d04614f85bb794bcc6ef9a0cc3330a9d

SHA256
f592e8dffdb7a87cf6d969bbaa68055ac6d0b4d089f3f324339ec58b2bf662c1

SHA512
5fc7d61fc5101eacc8278393af6f00a5c9ff502b83855cf1fa102716901ac64c005e4d6ad867697c2f2ea551ad2f5f2a95ebcc64cdf3259615fff1cdf2fd1b7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
fb35a478adedae60377eb4b14486fb0c

SHA1
1ca40d2a5363b872ef06f5cfedb531844ca7a2e9

SHA256
73cd1dbb167ffec4df07ab8404a424113e0156d75fbeb3507786db46346f806d

SHA512
4380f7a57dd5974d0f266bc95206708ed6f7c0d016463537ba102adc2ff2cc8565376b456fb9088cc1ad8bc31f2b7d43dffe2a9c89bcadbd870b34988a9ca6ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
ba62fc1ad2fe80c58703731a4ac98628

SHA1
1791129d60e154e9e88b3e884a01d865bb560858

SHA256
fcf0295460a9b15a1661a339b1031aab439ae9162ad7cb9a38ae7c5145b0d56a

SHA512
fb79be372600807e062b5fcccca15cc463fd78fdd3c55012a993fd31cb7bae438a3d1afbc97963d136407b32d35306e50aa8515b562f39b655bdee0ad9ab7e60

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
354cc1b224f205fc3bef0e500d147cbb

SHA1
6307c43a85f99b99573bb0cc8149d7185426d8f8

SHA256
f82f439b0ffb8c92674ede9af00151788825ddc4435d0cccd24b792209dbe7ce

SHA512
df407b88f03b129093107d3ea10f11667941247ab87fa92334d99aa8fb72da624bb06344c3446c7cf6da56f584aa091244e62d31f353de6092c9a556fc744e7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
b0a110d36a9b2399c4d20b84c75a159c

SHA1
9505603860ec666995406314d72ab46a4c273f59

SHA256
eaba52b53b420049dd2efbd0c0bdd4a184678b52d9eef222e4411d5037d0d8d6

SHA512
7f4a16dabb78119feff35c3df8d79bd62e3f449570f77dd5febf927dd0db285ef31bbeb9873e15933878d1b9bd072a043d82f5a723a20826dcaf3e65497a82d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

Filesize
116KB

MD5
d289c3aa754c2d4c9d75e9ef6045fe25

SHA1
ac9e52ec36927748224dac6a1f223e9249384d0d

SHA256
d2e81dfe28727e8c5f17efe48dbd72a671e7976c7701b4f5fa8eb7f718bf69ec

SHA512
223d0435ea95691117e29c281979921c25edc2dd58781ec83c7913f2e65258fc7246d627adacd9abd47ce8fc52295e7605de8e7ba36e50210e04e4983ef5323c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

Filesize
44KB

MD5
ce4ef999af7d79b8ace2fd440e63d8cd

SHA1
1316f028d5c41a2dcd78d1324acdc78c67ff526d

SHA256
b7e84cabd8e349863e1b04e3bd4d811149e5ec1d0c98be6c1c42eaa49f25ca18

SHA512
e27fb9988b29b344d990cc990a299a2c61331edb2b1029dd77b0fd95b656373dee3fcfcde5de0b79aa2db18fac38d224099da496d0dc54145ec7e6b728c4b503

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

Filesize
44KB

MD5
d97efcd1be9fa2c5a5e3a58a8a224e30

SHA1
f9caa34fd3bcfd7363e62808cc550fabedd9281d

SHA256
2731b4e7b54f1525cc2185e5f1197302fee5ed1dd96ce523988608680b1668b1

SHA512
5acb804bd27f93d59397ca3b55ea9aee7a60a4e20e3fa6393ddba14fc16558feaa5f3041b31af8413689b0dc91ca17efbddcae6bd7654f3ba12bd19a23ef13fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

Filesize
322B

MD5
bd03c39fe2deb76755adb54946e6831a

SHA1
74e08dd1a8e40da42ce42fe597df9b7f030498f1

SHA256
9d1205e7068893d1740f3f34b6a0c03f7237d7f61dfa5e11d06237ec6c1558cc

SHA512
5abe18a8b58091a19b3e5d9aeedfc5b976e6c5b7aac8dac2f240793167d3f77f79890e5744bf7d6fd878d431fef0c7bbcb25bb62b460a36f399ea36f9efe6c22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
194B

MD5
a48763b50473dbd0a0922258703d673e

SHA1
5a3572629bcdf5586d79823b6ddbf3d9736aa251

SHA256
9bb14ea03c24f4c3543b22a8b4e9d306b926d4950cfcc410808ecac2407409fd

SHA512
536406435e35f8204ce6d3b64850ffb656813aacbc5172af895c16c4f183005d69999c4f48f948875d9837890f290b51a7358ff974fb1efc6ba3d1592426cca1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

Filesize
340B

MD5
fc65024e51a7a04ff5f1d5be5252ae69

SHA1
ea8e4cf174bc310b93497034d73059f83f5c28c3

SHA256
b57777ef2b466e5a8c1b948864c279b17be8a523ee9e0a680d0f2c0d4511442c

SHA512
85126c7b37abe10ba5e1a1d01e6849a162ef71ca6dfc4a6cac60f2b00edd4775e568478c372e1c71218e44c010303b3220edb73cc2ccee71251602b440a45d34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

Filesize
44KB

MD5
ef8db3b84323e9ad60062bbc60182c3a

SHA1
e2280e5d9821a651eb41777067d15f7cab13110d

SHA256
c26c97c466364965b2b30ffa5823501c5d216f51e5b11eacb7fc3b14cea50f48

SHA512
390776e6f08b2095f701229a51c55b2b4b7e9e2f2cdabae6c7d9ed161d3c1e750354ebbf98bf4615b9e271678a74ac85d491f3c87cc8d5a934beab794442ac93

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

Filesize
44KB

MD5
b24f831971b697a8f85579ee63f584af

SHA1
5ae982474ddaa0f960cb993f28a45c4a5bf1be69

SHA256
23aa92145aaa1e915d882f6c9b45575d94cc5e7214d00b38817726a1624a0da5

SHA512
e26b7831a94590156f3b6c32a19b289eee70bb9f6a8bca8be5c10ac7082b2defa03588837ab278d266290e875d3f5d565b50fcfb4c5beebb78ac9a0f4af5b720

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

Filesize
264KB

MD5
8a3a691e8d8f94a16c4d9d1be8b3bdf2

SHA1
6691898d925c9e08d3cab2642f3240e85e8a3fa6

SHA256
98d80b9c9f61d7e152e6ae2f93ae06094c8737a0db77f801df90d6d8f39f78e0

SHA512
75c702065ba3991b7cb137e72f7f35012c2582bc425ae242547957a50a1a3ed1cb9c251194b2f1338554e5e498546bed7bb07955a0664e1e82041cc929604e38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

Filesize
264KB

MD5
9854f9b963f3571ece7f24cc701ebffa

SHA1
16023d5db14bc399a1f261c20d24e7d23d19f7d4

SHA256
7cd197ac060faf2053dbf1ef86a443b6c4cd1cfba8f12242aece5dbc5856c056

SHA512
5d67133f00e67eaf9e61ab0954420ef3befa38beb87faded7b71e536ff39dfa817e6566830f84547a963139333a4d640ca86cedde512e5b98b5dcb4e314d63c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3

Filesize
4.0MB

MD5
40b8bf545328364b88c70063f0ce12d4

SHA1
b1cf94c85c4b27e1d6887111b75726840ce90d6f

SHA256
3856c081dff428165e5372594d5a35108109718883243550374e950592fc5f4b

SHA512
16aaf34e6a1d58f46f4cbe777236a7677f48f6357a51f7dc98a664f543bf8e75932c4a0d32104c75ee42468ed07185233d893d8c0456624400e00b3226939408

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001

Filesize
17KB

MD5
f5515436a4be224bf48a15473ac65134

SHA1
71982f82655ebac55d6d639405dcbbb0cdaad921

SHA256
f35a6f327fb99b2cabce3d11777e045943f1dc03d58251f9801cb29faa1225e2

SHA512
e2c6af63fa2a20711745de0cbd671751acc87267a1e8534e8bef1ed81cff941f12c463167625b02e467e0766605b2c7365594cc497f3b3744cc1ee032d8ed963

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002

Filesize
20KB

MD5
2970f91a2131c8ea581a746d3aeb52e9

SHA1
0ccf977d08808e3d73aec0240ef5f9af6a52fb14

SHA256
7251c74c77db5045d87a7ccd9ff613bf0da824b9da2a173378a5ac6100562134

SHA512
4d6a8fdae5b29e4b72bf023c86793037b0c6a237aae901b5ad4f25812896f569850f4bf73dacc10747f61a23225de8a6b62bafe31eb8c214f7cb0ad9fd04cd6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000003

Filesize
16KB

MD5
4905fb3bbe0f03694333850029026ab1

SHA1
efaf8d508bd483145f8aa93b7be0d6400a8d45eb

SHA256
e2fe949f1a0cb212a9b6b0cc73ac72fdda5b21b6b21d75d355f3ae8bcb407e9e

SHA512
6377d4eb4ce1ce99f32a6a18f089e0c2bce230fa98ad5855b08d60757defe1fe7aaef59f515e16310875ef0b17faaa2e7aa2a168e0526808f82b8305370b60e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000004

Filesize
18KB

MD5
b479d0c6f429d3a13c00847dbc56fa40

SHA1
3e6005d70416a55e730394855c4d97f6fca7f69f

SHA256
479d3fa5b002c4f2271ecaa7d5f475e6f2ff65e713ae6172800c60252d0db8fb

SHA512
fb59a26d276a92a0513cc199e87d5bc8eef6b65f89f5e864ccbf2e5513efaa1bef362c76c1cbf923a5d96be2f3531dbf8bc58628ab1f97e5a751bd0c124848c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000005

Filesize
18KB

MD5
91ab23fa2e12e0c6d2a675362b67e5fd

SHA1
5524848dbb7e284897348477f454d403424c805b

SHA256
262cf8dbd67d0bdf8f741373de854f92c0f70c383fc4c35cd191b0d512cfbd0c

SHA512
9ecd103f6afc185cbdc89afe7fec569f8a9cc5114c91f4fb44746ef1945b6d84bfeff7f53b28312390b5f9e7ce848c82d06924d8cb8acc3e828ae501805261de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000006

Filesize
16KB

MD5
507e84952813ee5c7b57489b277d2082

SHA1
3bc9052a4b23bbce030f8f9f48646461fa88c106

SHA256
0b7d5c2bd00d3eea03c36a6b1c072a307debfe892010c78c11cea5138d8eba07

SHA512
6ee8e67f81fda20d1a0aaabd9fde522981589210e4569476c23aa973b12ea16348041b7166efbded04cf71dbaf76e7284fe5b72db715d8cd77e43abec8b8ac06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000007

Filesize
16KB

MD5
a33b3a3fdf5161be5bd861804961f557

SHA1
68a57897f1686a3e62ce9808165e18f31661d077

SHA256
ac33d8bc6d9a5e769472877d7dd3d035f8088274b886b16cb1898b106da48560

SHA512
c94c29a5a9da89044504fe06702f00a7fdd5bc7b85e1733c0cc9a363a812c8d8f95672ea7731643229fa4ae2f1a632c73096d90b63799f5bae7639b41151ccb3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000008

Filesize
17KB

MD5
d22cb8682c6c279a568ed39bdc634f0f

SHA1
677360e899085b1fe7af0098575842261a6d854a

SHA256
78b575d52c9342adcc7b89ee8545e0577169b0d520a9924c7d53bc3587b240e0

SHA512
2ad0f705556abae3edb620d4370c1e72c749935d6ec079a10272ba2cbfe42d06a67f6fa1c3d80755aef9419391f701e98d479e946708e26980497f438b154ce8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
11B

MD5
838a7b32aefb618130392bc7d006aa2e

SHA1
5159e0f18c9e68f0e75e2239875aa994847b8290

SHA256
ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa

SHA512
9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
971eca7f2fa036a1d4eafcd0943ffd5b

SHA1
3f4ee8266faae8e771dc01a70ce7ba46a25f96d9

SHA256
7a1231ddb0dfa7377f0fe20ff2af00e27b54f4f9e49f5c614b88469e2ecc8a31

SHA512
947da78a0c5566f0f44a4c7e41c16af03c28c5c84b05931a2de47b28f67ce0cf0627ef42005705a0a92e21195f550a5369c2253039304d4450e396bfddd1d75e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
eca3f2e2218702dc2d4c02044e03ef41

SHA1
600d0546f2a4b4df6b2d48b2c4a6b11c46ad67df

SHA256
44757a1a5680d68bae872304202cb79ea53f666f99573299b0e45a408efd6633

SHA512
909282027a5193dca20543efe2e61d97d64bda234625d1bca4fe9eabf0a961723f973c04c59fdc231c1cecc579f91b92d364487c914bfe33505c0df0b7a4aba7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
8aad955f8ff90247de5641c752cc0848

SHA1
bef080f7d1497a9ac6d29ba7e792129af7cebda3

SHA256
71e6d842bb5f6e63ceb27e156a206ccd68ac37dec5fba10a0a7ff90b714257d1

SHA512
3a056f5ad517b1e6dacffe0b01c6440b1e6d937deb5671f9d167614d516e616cac57692c788e395c4c1c0e882a42809d64d2abe023370a265f2b101e30fc682b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
a5b938717bfbdd308a919a87d17f65b3

SHA1
68ed8ca0581ad722c32c86b216bde98b306d2a5b

SHA256
59ff8ee5600fabc3eab8f1fe9257f0bcd9338fadfadb154f8f33d69d2babd0e7

SHA512
75296ed4af891481b6d226f6e1e13fa26486289300a6623f6820f888805de387ea9d057090c9c2bc8a433772405d3bd64d5db9e5c0803531b27a21a152f3a8ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
abad1c1d69d8bacac9175048dc3c4d52

SHA1
2279eee1624be0b3fcc0de257beed7dbf355271d

SHA256
55d28902292a282517597674d4e123037729cfdc03205ea29b1c2f875cb08337

SHA512
7b8777286143298785c209eafd9987c6cf2d0e7231b5e05934ce97ea8b6930771080461cf2ac7e0538f92c0638801ef68c3775edf7d47e652138eb69f0daf560

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
a2fbdf9de60827187c2e3e15d03f63e3

SHA1
d105f5e392fcb81f562f338f014ade6946cc2068

SHA256
a3fb506fa8b67ab853fe60e9b28b33bfdbd3a41e37204c09b1d3bf8fd829c0f2

SHA512
67b13e5988154164a5fe49bbf596bea123c942821183e30a5b9b9a7847de2f82ec9c213097b279a49f02904a076f694d0670a6e6c18a24df11964f6c21b028d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\fccad94d-a5c6-48a3-bd31-843685bad5ff.tmp

Filesize
10KB

MD5
60f303faab14fcc7e727bf978ba500cd

SHA1
95896dfd27279c4750fa92e5842d60b6f9174825

SHA256
e6d8e1da9cea887fee6aa50745fdf855842f38de4b50ec0b4b09bc45c2f33758

SHA512
228fd7cc297285a347f0276d7b42f5a164da01d527223cbe3517bac656f7f7d8925b270656653efeb5f997e89b295c13ca0b3251f30cda7928826a08cc74df7a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\9cd93bc6dcf544bae69531052e64647ec02f2bb4.tbres

Filesize
4KB

MD5
5514b17dc23a1d62d24dbe1c3cef80e4

SHA1
59fc48ed8dc12e780d5cd2e60c955179594e9421

SHA256
1f7566c805796fe44a32b466e1be125f55ac19ecfacdb968fcb1a7b875d8818f

SHA512
ee170b1cec10b2ab62c23fafb52b71a7dcf12dddafeb79a5886bff3dbc642c343fa1d41f0cf3daad9aa90094713776a9d8231ec1cdfe25b41bed253b5ded110b

Download Submit
C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini

Filesize
84B

MD5
aeeca76b05140f32ae2b96f2544c68a9

SHA1
68215a64e249cd5edf995439ece3830158e25b1c

SHA256
d3bbcb05e97b6b9dcc5dc26e644fd4f1ee405eb0d904bc290562bf98a73f9b04

SHA512
5c62737167b49e914d2ff322c0b8e5741ec35641e52dda3f5cda2f7801fe06f7960e92434f638bea820f839e75c2e283e7174fd6e93df64a3c50a3387236bbba

Download Submit
C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini

Filesize
137B

MD5
a8273c34d7ff99e928364dafba039098

SHA1
832c6c4bdceff11506320dbef82432f78e9e73a8

SHA256
0c14c8764b9d75111b1bb2a9d012cc0fb7c92143c4dfc4b7abd641dee6a54999

SHA512
8d478a14b8ea012421d5ca845ddd8afacf161c334775093602dadb3c853a59b72ff7de37e4dae83fc129d22ea2c2daa45f891eed72c7036ae0b159c9d0ebb4f2

Download Submit
C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini.Wd7468

Filesize
137B

MD5
77604c6b4fb1b94f522f8153665bc3ce

SHA1
d8b3a5721239c29e89cbb40ab497bb1a2d90b56c

SHA256
6d16889dc09955408933918d54afdad6789940ea52b96d033814fc63223dd282

SHA512
bbacb771feaaaf977bde9e9fa3e6484e93f9a9f30674f2ae0e7bee79aeb5ddc9eaededd6a4e672fb6a2b4d67378fb7cd564208aec1115b99c38f33c22bb345d8

Download Submit
C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini.lock

Filesize
18B

MD5
f41d149d310578b4ca9f62d5d8efa65b

SHA1
ff790c03024af7ce3d47251c66583c595e8e2d7c

SHA256
2a4dd14d2a144314a75dbfc936c41ba02b89afaf9295c415ee38fbb5e4d17691

SHA512
f2711865c65fb7151db320274f8416000f7c3955c275c7cc1188cbb345b3ef4bb29b924c813cee3e15866b9e950cbbc5c1ba0b7bb531d290825415b61f376210

Download Submit
memory/2148-675-0x00007FF7479D0000-0x00007FF747AC8000-memory.dmp

Filesize
992KB

Download
memory/2148-678-0x00007FFB1E3F0000-0x00007FFB1E408000-memory.dmp

Filesize
96KB

Download
memory/2148-677-0x00007FFB148C0000-0x00007FFB14B76000-memory.dmp

Filesize
2.7MB

Download
memory/2148-676-0x00007FFB14B80000-0x00007FFB14BB4000-memory.dmp

Filesize
208KB

Download
memory/2148-679-0x00007FFB18250000-0x00007FFB18267000-memory.dmp

Filesize
92KB

Download
memory/2148-680-0x00007FFB17E30000-0x00007FFB17E41000-memory.dmp

Filesize
68KB

Download
memory/2280-1-0x00007FF6D9C70000-0x00007FF6D9E1D000-memory.dmp

Filesize
1.7MB

Download
memory/2280-0-0x00007FF6D9C70000-0x00007FF6D9E1D000-memory.dmp

Filesize
1.7MB

Download
memory/2988-175-0x00007FF7479D0000-0x00007FF747AC8000-memory.dmp

Filesize
992KB

Download
memory/2988-177-0x00007FFB148C0000-0x00007FFB14B76000-memory.dmp

Filesize
2.7MB

Download
memory/2988-176-0x00007FFB14B80000-0x00007FFB14BB4000-memory.dmp

Filesize
208KB

Download
memory/2988-180-0x00007FFB17E30000-0x00007FFB17E41000-memory.dmp

Filesize
68KB

Download
memory/2988-179-0x00007FFB18250000-0x00007FFB18267000-memory.dmp

Filesize
92KB

Download
memory/2988-178-0x00007FFB1E3F0000-0x00007FFB1E408000-memory.dmp

Filesize
96KB

Download
memory/3180-338-0x00007FFB14620000-0x00007FFB14661000-memory.dmp

Filesize
260KB

Download
memory/3180-334-0x00007FFB148A0000-0x00007FFB148BD000-memory.dmp

Filesize
116KB

Download
memory/3180-346-0x00007FFB14570000-0x00007FFB14581000-memory.dmp

Filesize
68KB

Download
memory/3180-331-0x00007FFB17E30000-0x00007FFB17E41000-memory.dmp

Filesize
68KB

Download
memory/3180-330-0x00007FFB18250000-0x00007FFB18267000-memory.dmp

Filesize
92KB

Download
memory/3180-329-0x00007FFB1E3F0000-0x00007FFB1E408000-memory.dmp

Filesize
96KB

Download
memory/3180-345-0x00007FFB14590000-0x00007FFB145A1000-memory.dmp

Filesize
68KB

Download
memory/3180-332-0x00007FFB16E20000-0x00007FFB16E37000-memory.dmp

Filesize
92KB

Download
memory/3180-326-0x00007FF7479D0000-0x00007FF747AC8000-memory.dmp

Filesize
992KB

Download
memory/3180-342-0x00007FFB145F0000-0x00007FFB14611000-memory.dmp

Filesize
132KB

Download
memory/3180-344-0x00007FFB145B0000-0x00007FFB145C1000-memory.dmp

Filesize
68KB

Download
memory/3180-333-0x00007FFB15CE0000-0x00007FFB15CF1000-memory.dmp

Filesize
68KB

Download
memory/3180-335-0x00007FFB14880000-0x00007FFB14891000-memory.dmp

Filesize
68KB

Download
memory/3180-343-0x00007FFB145D0000-0x00007FFB145E8000-memory.dmp

Filesize
96KB

Download
memory/3180-339-0x00007FFB13010000-0x00007FFB140C0000-memory.dmp

Filesize
16.7MB

Download
memory/3180-336-0x00007FFB14670000-0x00007FFB1487B000-memory.dmp

Filesize
2.0MB

Download
memory/3180-327-0x00007FFB14B80000-0x00007FFB14BB4000-memory.dmp

Filesize
208KB

Download
memory/3180-328-0x00007FFB148C0000-0x00007FFB14B76000-memory.dmp

Filesize
2.7MB

Download
memory/3708-190-0x00007FFB1E3F0000-0x00007FFB1E408000-memory.dmp

Filesize
96KB

Download
memory/3708-189-0x00007FFB148C0000-0x00007FFB14B76000-memory.dmp

Filesize
2.7MB

Download
memory/3708-188-0x00007FFB14B80000-0x00007FFB14BB4000-memory.dmp

Filesize
208KB

Download
memory/3708-192-0x00007FFB17E30000-0x00007FFB17E41000-memory.dmp

Filesize
68KB

Download
memory/3708-191-0x00007FFB18250000-0x00007FFB18267000-memory.dmp

Filesize
92KB

Download
memory/3708-187-0x00007FF7479D0000-0x00007FF747AC8000-memory.dmp

Filesize
992KB

Download
memory/5816-280-0x00007FFB18250000-0x00007FFB18267000-memory.dmp

Filesize
92KB

Download
memory/5816-279-0x00007FFB1E3F0000-0x00007FFB1E408000-memory.dmp

Filesize
96KB

Download
memory/5816-278-0x00007FFB148C0000-0x00007FFB14B76000-memory.dmp

Filesize
2.7MB

Download
memory/5816-277-0x00007FFB14B80000-0x00007FFB14BB4000-memory.dmp

Filesize
208KB

Download
memory/5816-281-0x00007FFB17E30000-0x00007FFB17E41000-memory.dmp

Filesize
68KB

Download
memory/5816-276-0x00007FF7479D0000-0x00007FF747AC8000-memory.dmp

Filesize
992KB

Download
memory/7140-694-0x00007FFB18250000-0x00007FFB18267000-memory.dmp

Filesize
92KB

Download
memory/7140-693-0x00007FFB1E3F0000-0x00007FFB1E408000-memory.dmp

Filesize
96KB

Download
memory/7140-690-0x00007FF7479D0000-0x00007FF747AC8000-memory.dmp

Filesize
992KB

Download
memory/7140-691-0x00007FFB14B80000-0x00007FFB14BB4000-memory.dmp

Filesize
208KB

Download