Overview

overview

3

Static

static

1

URLScan

urlscan

1

https://finanzas-vid...

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-08-2024 11:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://finanzas-vida.com/las-20-empresas-petroleras-mas-grandes-y-poderosas-del-mundo/

Score
3/10
discovery

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 11 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 33 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://finanzas-vida.com/las-20-empresas-petroleras-mas-grandes-y-poderosas-del-mundo/
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3504
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff83db846f8,0x7ff83db84708,0x7ff83db84718
      2⤵
        PID:2748
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
        2⤵
          PID:4312
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1864
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2940 /prefetch:8
          2⤵
            PID:1576
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
            2⤵
              PID:1652
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3520 /prefetch:1
              2⤵
                PID:3416
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2636 /prefetch:1
                2⤵
                  PID:2124
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
                  2⤵
                    PID:4652
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4856 /prefetch:8
                    2⤵
                      PID:4760
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
                      2⤵
                        PID:2448
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
                        2⤵
                          PID:1104
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
                          2⤵
                            PID:2448
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6436 /prefetch:1
                            2⤵
                              PID:5212
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
                              2⤵
                                PID:5460
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6624 /prefetch:1
                                2⤵
                                  PID:5576
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6348 /prefetch:1
                                  2⤵
                                    PID:5584
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1
                                    2⤵
                                      PID:5592
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6832 /prefetch:1
                                      2⤵
                                        PID:5600
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6980 /prefetch:1
                                        2⤵
                                          PID:5608
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7120 /prefetch:1
                                          2⤵
                                            PID:5616
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7248 /prefetch:1
                                            2⤵
                                              PID:5624
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7392 /prefetch:1
                                              2⤵
                                                PID:5632
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7532 /prefetch:1
                                                2⤵
                                                  PID:5644
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8120 /prefetch:1
                                                  2⤵
                                                    PID:1268
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6576 /prefetch:1
                                                    2⤵
                                                      PID:1372
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8240 /prefetch:1
                                                      2⤵
                                                        PID:6108
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8484 /prefetch:1
                                                        2⤵
                                                          PID:5532
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8872 /prefetch:1
                                                          2⤵
                                                            PID:5932
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8464 /prefetch:1
                                                            2⤵
                                                              PID:1716
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9132 /prefetch:1
                                                              2⤵
                                                                PID:6156
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9268 /prefetch:1
                                                                2⤵
                                                                  PID:6228
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10676 /prefetch:8
                                                                  2⤵
                                                                    PID:6764
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10676 /prefetch:8
                                                                    2⤵
                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                    PID:6892
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10460 /prefetch:1
                                                                    2⤵
                                                                      PID:6988
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9136 /prefetch:1
                                                                      2⤵
                                                                        PID:6996
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7524 /prefetch:1
                                                                        2⤵
                                                                          PID:7072
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10216 /prefetch:1
                                                                          2⤵
                                                                            PID:7080
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10328 /prefetch:1
                                                                            2⤵
                                                                              PID:6108
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8444 /prefetch:1
                                                                              2⤵
                                                                                PID:6420
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1
                                                                                2⤵
                                                                                  PID:5912
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1956,6460311188600343188,267322095895670849,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2348 /prefetch:2
                                                                                  2⤵
                                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                                  PID:4884
                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                1⤵
                                                                                  PID:2128
                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                  1⤵
                                                                                    PID:2732
                                                                                  • C:\Windows\system32\AUDIODG.EXE
                                                                                    C:\Windows\system32\AUDIODG.EXE 0x498 0x2d0
                                                                                    1⤵
                                                                                      PID:2284

                                                                                    Network

                                                                                    MITRE ATT&CK Enterprise v15

                                                                                    Replay Monitor

                                                                                    Loading Replay Monitor...

                                                                                    Downloads

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                      Filesize

                                                                                      152B

                                                                                      MD5

                                                                                      f9664c896e19205022c094d725f820b6

                                                                                      SHA1

                                                                                      f8f1baf648df755ba64b412d512446baf88c0184

                                                                                      SHA256

                                                                                      7121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e

                                                                                      SHA512

                                                                                      3fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                      Filesize

                                                                                      152B

                                                                                      MD5

                                                                                      847d47008dbea51cb1732d54861ba9c9

                                                                                      SHA1

                                                                                      f2099242027dccb88d6f05760b57f7c89d926c0d

                                                                                      SHA256

                                                                                      10292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1

                                                                                      SHA512

                                                                                      bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029
                                                                                      Filesize

                                                                                      184KB

                                                                                      MD5

                                                                                      c61aec8e1db3ea5c6ce87261d251cd42

                                                                                      SHA1

                                                                                      47a2e58af042b6446fa4c973ccc503127f004d3c

                                                                                      SHA256

                                                                                      d3167ec9a3279125bd10c0cfe628ba8890cc9fcc84b3ee6d97f61d6c518922fa

                                                                                      SHA512

                                                                                      9350c7b37b6f1a83e98a80a45b19dee8a207121f982663d2baf1f251cdd03ae82ce4ab6bb1ae3f287e1e7c619d9563d13fca80c6990181ac5293b7af03e89d13

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                      Filesize

                                                                                      1KB

                                                                                      MD5

                                                                                      dfceab57d74e03e8be1c0e8154b31233

                                                                                      SHA1

                                                                                      e45deff5a2fd91e7a55ecc5ad0745e7ff8a4385c

                                                                                      SHA256

                                                                                      19a35a481b80f6083542e3783b022602797a57ba9f07ed721226c6bcfe231a5e

                                                                                      SHA512

                                                                                      7a1a359f24618b1a09c6406c75602fe27769410753807a04684afba15957e5a07929b4bb25dd05022cd6faf5fbe16586b0b311e5d73b04e7725dbdc171653223

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                      Filesize

                                                                                      1KB

                                                                                      MD5

                                                                                      f074fd6596f2dc8ebd1f5ec804c67587

                                                                                      SHA1

                                                                                      b4882dcb7b9fa01a94ab1df812ef212d0a5f7230

                                                                                      SHA256

                                                                                      d27570ee8c992390246713ad92568baa9f83416a2cb1cc78058328b0744b3ca8

                                                                                      SHA512

                                                                                      83ee403ea06d9b8d65da001077c34705e53860c3f1ac882064510a12981bdafd4160a87d52628a8b3e81e285e18db4a16761007a2cabb12368ad703bfa4ab8f4

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                      Filesize

                                                                                      1KB

                                                                                      MD5

                                                                                      7bd851bbcd4828159bebaa691616fe7d

                                                                                      SHA1

                                                                                      b2907a6005a73dea08c5953336b0247d21b338d9

                                                                                      SHA256

                                                                                      0c9b6984bc7584044e3df44d8287c1b5cb6316356ad0ebbf0d382a1973b08731

                                                                                      SHA512

                                                                                      9aeb989085e1bf6222dc478d8b93cb2fb9ca2f28bfcfc1269d899da04e13285747576bc65d0211898009de9cc69b94a649307cf2b4616b47a9e9a8cfe30e7418

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                      Filesize

                                                                                      9KB

                                                                                      MD5

                                                                                      44779e383922a633e6dc69d27e7441bd

                                                                                      SHA1

                                                                                      001d2d9735f910b0e4f66aaa42bfbdffbfee5213

                                                                                      SHA256

                                                                                      33d204fb79929b18e6aaffe2aed5d8ca0334f4db14b234964b6280346191e3ff

                                                                                      SHA512

                                                                                      d371ba65ce0c66361e9b75e9122f155a49ad2cbb57ab2228c86ed7d50158da16dd41b3d409e55dcfe47f6cc21529edf7c3467aed35df661fc0164219d81d38aa

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                      Filesize

                                                                                      8KB

                                                                                      MD5

                                                                                      c573d70563dd0422b03ba910b9d9bb47

                                                                                      SHA1

                                                                                      618c7ab63ad7e599d37e711dfcaa333f769b89a6

                                                                                      SHA256

                                                                                      1ef624efb8a0dba1df8948945c2cf9118b066a50cbefb9ef94a0e33f32c7b668

                                                                                      SHA512

                                                                                      a75e7ea990b668eb1149a6cebfbca815ec2bf728ac9c19bfe6cd8a385067d776985fd861fe630af75900afddb3a98836ab73a37f24124539d25d443d168174d1

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                      Filesize

                                                                                      5KB

                                                                                      MD5

                                                                                      7210e6f8415c5121583bcb03aea2c706

                                                                                      SHA1

                                                                                      53ecaec462e090b96d237308ab78ef0e98414dca

                                                                                      SHA256

                                                                                      5562260736b1a848b67953f2cbb04b96dea686939e61448e654a2855e9a1c93b

                                                                                      SHA512

                                                                                      d305853f79c94ec582f924ab76f3668ce689a750d4053538b701a405a8784006fa8dab6f12d78d9f7aaaf70123a07cda915e9736fa3d3da5bcdb47227814904f

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                      Filesize

                                                                                      10KB

                                                                                      MD5

                                                                                      5e072f4891ae69129c83b46663d19c16

                                                                                      SHA1

                                                                                      6c67fdf229ed5125cc0362bcf2f1bfd9925ccee2

                                                                                      SHA256

                                                                                      096ccd0122e821dfa0429168adda632c00ab0faeaef9d92721579783de6e2fb4

                                                                                      SHA512

                                                                                      99b3597b101398cddd3393b02e4ce90296ca048abb9b84e15de12c250a684f09e232fc054e0b437b1581b7a6d304aa095501aaf4e79a2c62554acefdc2a1547b

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                      Filesize

                                                                                      13KB

                                                                                      MD5

                                                                                      304570f3e5d0e32257b8c5889b62edc6

                                                                                      SHA1

                                                                                      150f65a49912603dfe5fc86b5b054c27331ad4b4

                                                                                      SHA256

                                                                                      7ffbc951e3b4ef4333b39b95c0458e1a57e43db5a7dfd07fc1c9c3e7b7a66a3e

                                                                                      SHA512

                                                                                      1fe577b8054f9ede87d86c642bac3f769fa323305b41ef0910241d50381240886407dd5438d6161fb822501b015587aaa0cf8a46193f8141bd22d364a923e54b

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                      Filesize

                                                                                      2KB

                                                                                      MD5

                                                                                      3e3034226902c325fa7013db8769df8c

                                                                                      SHA1

                                                                                      634ebc8c01cc59d27bc022336113db12445cc04c

                                                                                      SHA256

                                                                                      9eaaae1d593241bd0b0d5920075b216747673f75f64b57bb490fbc79934baaca

                                                                                      SHA512

                                                                                      8d06430d623f30bf0c80122ef1f929f084a88a45474edbc346be79110eced9705f7464e29abbe0f0b065c8e35a580aaab1552c9d1efbec5e6d25e6d45b34e091

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                      Filesize

                                                                                      2KB

                                                                                      MD5

                                                                                      877d59eb85b77b15f5d5f5e1b7b86dfb

                                                                                      SHA1

                                                                                      cd3117927dc2506ff5e9e429355967ea9bc72c71

                                                                                      SHA256

                                                                                      9115800591fc044f5870a73b5b415ab92b941c7c2c2445c619ccae89617e71b3

                                                                                      SHA512

                                                                                      66d05b030ca8b6ead36fa0365aff44c21c10f8061c045d8bd1dbe1d4131dab2e3c1b6ede9ef70edf1ea19a3555d2fb4182d16d136d013ec518f78f9e5bb639a1

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                      Filesize

                                                                                      2KB

                                                                                      MD5

                                                                                      c6b315d77e93f4dd246510b735473f03

                                                                                      SHA1

                                                                                      25a9432b5607e6e827be67e86ef8ca50a6a6eb77

                                                                                      SHA256

                                                                                      deb4d10f8cb3e7e3650d36af0d7bf7737ac4ca903fa975b3e1c397d2f87e4fb4

                                                                                      SHA512

                                                                                      b2bf4394f00c3cd70c13b4fa858c14d2c0c3a828f51cc3d6b75386a7c1cf828124bfcf6bcaaf7bfe1b1f0d3be6d37893dab44358d878f0958f49d39cb6afb277

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                      Filesize

                                                                                      2KB

                                                                                      MD5

                                                                                      2e3f62566e15fd3412721c921a87e6fb

                                                                                      SHA1

                                                                                      df66b94813dbc5062b236871202092c79287eac4

                                                                                      SHA256

                                                                                      3f2432d9f84dc01e0120aa4b4f5ceba7fa33a073e4c760be5020f85ee013fdcd

                                                                                      SHA512

                                                                                      3bb71817958aa3c700df7af10c27bc2493ce4c371cfcffa4f9e97546e4e9c8f7dfd974b4e7992586c6b21425fd0960392f07323e5562a827c9725f7f42325e63

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                      Filesize

                                                                                      2KB

                                                                                      MD5

                                                                                      656fac720db6ec26359e4c417b80a6ec

                                                                                      SHA1

                                                                                      08d6fa0098bc38ce7b065e50e5af4ca5bd191f9d

                                                                                      SHA256

                                                                                      f03b5701a7e9ab2abc8be6b01a388cd1dec82128fa7d5c3c880bf717b742fe6f

                                                                                      SHA512

                                                                                      e793a6cd1fa39a3beb12ecc8769e7ec15cfd4dbb08aac2ef25f2316d5b5051b22743cf2d1554fa14285555f47d55940309f18a7d4f45b35d64865a02edd564e0

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57cb3f.TMP
                                                                                      Filesize

                                                                                      1KB

                                                                                      MD5

                                                                                      d4b87f499b581d54f2a288e5546197c0

                                                                                      SHA1

                                                                                      1fd3129b7a035cb6e99df3a8f87d4d69f50f7c3e

                                                                                      SHA256

                                                                                      ee22a3230af1cb02dc7b86c5ff4ef8c8bde1add94c01be387472da316db075f8

                                                                                      SHA512

                                                                                      efdd6c9290583d2d09dfd9d2a3731991adb06e52556b5379ba66293d006ba28fe3893b24e1f7cdd08cb0436f2b6f96324dda195a4ca918619a7f8c591a17474a

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                      Filesize

                                                                                      16B

                                                                                      MD5

                                                                                      6752a1d65b201c13b62ea44016eb221f

                                                                                      SHA1

                                                                                      58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                      SHA256

                                                                                      0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                      SHA512

                                                                                      9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                      Download Submit

                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                      Filesize

                                                                                      10KB

                                                                                      MD5

                                                                                      2a36417871ab8bda1b9435b0eebe9845

                                                                                      SHA1

                                                                                      97668b6a3d862e76610599b85765e7c6d38d0afb

                                                                                      SHA256

                                                                                      1abab0346518ace09e1777f603663a8a09dd781dcbdf8d71c9b083dfc5180770

                                                                                      SHA512

                                                                                      542d57054612ec0e2852ddb7fa5059f610b7c66f6aea850f412967a0df586a025c567944be4a4328567962d406d42eb7384842f184ba26c80fa5de2b7c7a1890

                                                                                      Download Submit