Overview

overview

10

Static

static

1

URLScan

urlscan

1

http://bing.com

windows10-2004-x64

Analysis

  • max time kernel
    1056s
  • max time network
    1064s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-08-2024 11:25

Sharing

Copy URL
Twitter E-mail

Errors

Reason
Machine shutdown
Report Analysis Logs

General

  • Target

    http://bing.com

Score
10/10
danabotmydoombankerbootkitbotnetdiscoverypersistencetrojanupxworm

Malware Config

Extracted

Family

danabot

C2

51.178.195.151

51.222.39.81

149.255.35.125

38.68.50.179

51.77.7.204
rsa_pubkey.plain

Signatures

  • Danabot

    Danabot is a modular banking Trojan that has been linked with other malware.

    trojanbankerdanabot
  • Danabot x86 payload 1 IoCs

    Detection of Danabot x86 payload, mapped in memory during the execution of its loader.

    botnet
  • Detects MyDoom family 2 IoCs
  • MyDoom

    MyDoom is a Worm that is written in C++.

    wormmydoom
  • Blocklisted process makes network request 16 IoCs
  • ACProtect 1.3x - 1.4x DLL software 3 IoCs

    Detects file using ACProtect software.

  • Checks computer location settings 2 TTPs 6 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Drops startup file 2 IoCs
  • Executes dropped EXE 32 IoCs
  • Loads dropped DLL 4 IoCs
  • UPX packed file 18 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Adds Run key to start application 2 TTPs 3 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 7 IoCs
  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence
  • Drops file in System32 directory 14 IoCs
  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Drops file in Windows directory 64 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Program crash 3 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 31 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks SCSI registry key(s) 3 TTPs 23 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 17 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 3 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 13 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 64 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://bing.com
    1⤵
      PID:3904
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4320,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=4932 /prefetch:1
      1⤵
        PID:1188
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=14 --field-trial-handle=2108,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=3832 /prefetch:1
        1⤵
          PID:5064
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5324,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=5376 /prefetch:8
          1⤵
            PID:4752
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5368,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=5432 /prefetch:8
            1⤵
              PID:4356
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --field-trial-handle=5812,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=5820 /prefetch:1
              1⤵
                PID:2796
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5996,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=4296 /prefetch:8
                1⤵
                  PID:4900
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=5064,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=6040 /prefetch:1
                  1⤵
                    PID:4980
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=6092,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=6068 /prefetch:1
                    1⤵
                      PID:2436
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6304,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=5072 /prefetch:8
                      1⤵
                        PID:1732
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --field-trial-handle=5836,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=5896 /prefetch:8
                        1⤵
                          PID:3984
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --field-trial-handle=6352,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=6380 /prefetch:8
                          1⤵
                            PID:852
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --field-trial-handle=6508,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=6580 /prefetch:1
                            1⤵
                              PID:1036
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=6540,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=6728 /prefetch:8
                              1⤵
                                PID:640
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --field-trial-handle=6864,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=6852 /prefetch:1
                                1⤵
                                  PID:2580
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --field-trial-handle=7036,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7052 /prefetch:1
                                  1⤵
                                    PID:2952
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=29 --field-trial-handle=7236,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7184 /prefetch:1
                                    1⤵
                                      PID:4240
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --field-trial-handle=5564,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=5420 /prefetch:1
                                      1⤵
                                        PID:3816
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --field-trial-handle=7092,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7124 /prefetch:1
                                        1⤵
                                          PID:4256
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=32 --field-trial-handle=7424,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7108 /prefetch:1
                                          1⤵
                                            PID:4444
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=33 --field-trial-handle=7664,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7636 /prefetch:1
                                            1⤵
                                              PID:1244
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=34 --field-trial-handle=7584,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7824 /prefetch:1
                                              1⤵
                                                PID:2064
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=35 --field-trial-handle=7708,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7908 /prefetch:1
                                                1⤵
                                                  PID:3468
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --field-trial-handle=8040,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=5676 /prefetch:8
                                                  1⤵
                                                    PID:5604
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --field-trial-handle=8132,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=5608 /prefetch:8
                                                    1⤵
                                                    • Modifies registry class
                                                    • Suspicious use of SetWindowsHookEx
                                                    PID:5648
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=38 --field-trial-handle=8152,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=8176 /prefetch:1
                                                    1⤵
                                                      PID:5876
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --field-trial-handle=7256,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7316 /prefetch:8
                                                      1⤵
                                                        PID:5884
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --field-trial-handle=7932,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7996 /prefetch:8
                                                        1⤵
                                                        • Modifies registry class
                                                        • Suspicious use of SetWindowsHookEx
                                                        PID:4328
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=41 --field-trial-handle=7608,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=8240 /prefetch:1
                                                        1⤵
                                                          PID:5332
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=42 --field-trial-handle=7908,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7296 /prefetch:1
                                                          1⤵
                                                            PID:5396
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=43 --field-trial-handle=7904,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7968 /prefetch:1
                                                            1⤵
                                                              PID:5516
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=44 --field-trial-handle=5616,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=8016 /prefetch:1
                                                              1⤵
                                                                PID:5536
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --field-trial-handle=5504,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=8424 /prefetch:8
                                                                1⤵
                                                                • Modifies registry class
                                                                • Suspicious use of SetWindowsHookEx
                                                                PID:5816
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=46 --field-trial-handle=7848,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=8512 /prefetch:1
                                                                1⤵
                                                                  PID:5916
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=47 --field-trial-handle=7552,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=8060 /prefetch:1
                                                                  1⤵
                                                                    PID:4960
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=48 --field-trial-handle=8228,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7976 /prefetch:1
                                                                    1⤵
                                                                      PID:336
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=49 --field-trial-handle=8324,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7900 /prefetch:1
                                                                      1⤵
                                                                        PID:1668
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=50 --field-trial-handle=7716,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7524 /prefetch:1
                                                                        1⤵
                                                                          PID:5336
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=51 --field-trial-handle=8048,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=5648 /prefetch:1
                                                                          1⤵
                                                                            PID:5032
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=52 --field-trial-handle=8000,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7984 /prefetch:1
                                                                            1⤵
                                                                              PID:4800
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=53 --field-trial-handle=8056,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=8408 /prefetch:1
                                                                              1⤵
                                                                                PID:5180
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=54 --field-trial-handle=7772,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=7748 /prefetch:1
                                                                                1⤵
                                                                                  PID:5592
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=55 --field-trial-handle=8716,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=8700 /prefetch:1
                                                                                  1⤵
                                                                                    PID:5928
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=56 --field-trial-handle=8848,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=8828 /prefetch:1
                                                                                    1⤵
                                                                                      PID:4648
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=57 --field-trial-handle=8832,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=8992 /prefetch:1
                                                                                      1⤵
                                                                                        PID:3016
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=58 --field-trial-handle=9188,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=9152 /prefetch:1
                                                                                        1⤵
                                                                                          PID:2684
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=59 --field-trial-handle=9300,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=9320 /prefetch:1
                                                                                          1⤵
                                                                                            PID:428
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=60 --field-trial-handle=9468,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=9508 /prefetch:1
                                                                                            1⤵
                                                                                              PID:5552
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=61 --field-trial-handle=9628,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=9656 /prefetch:1
                                                                                              1⤵
                                                                                                PID:4488
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=62 --field-trial-handle=9840,i,12470628711992022444,7767535593390851522,262144 --variations-seed-version --mojo-platform-channel-handle=9860 /prefetch:1
                                                                                                1⤵
                                                                                                  PID:3428
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
                                                                                                  1⤵
                                                                                                  • Enumerates system info in registry
                                                                                                  • Modifies data under HKEY_USERS
                                                                                                  • Modifies registry class
                                                                                                  • Suspicious behavior: GetForegroundWindowSpam
                                                                                                  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                  • Suspicious use of FindShellTrayWindow
                                                                                                  • Suspicious use of SendNotifyMessage
                                                                                                  • Suspicious use of WriteProcessMemory
                                                                                                  PID:5596
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=127.0.6533.89 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=127.0.2651.86 --initial-client-data=0x238,0x23c,0x240,0x234,0x264,0x7ffe8db5d198,0x7ffe8db5d1a4,0x7ffe8db5d1b0
                                                                                                    2⤵
                                                                                                      PID:1180
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2788,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=2772 /prefetch:2
                                                                                                      2⤵
                                                                                                        PID:4364
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --field-trial-handle=1980,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=2964 /prefetch:3
                                                                                                        2⤵
                                                                                                          PID:3772
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --field-trial-handle=2236,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=3108 /prefetch:8
                                                                                                          2⤵
                                                                                                            PID:4624
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=4884,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=4944 /prefetch:1
                                                                                                            2⤵
                                                                                                              PID:3036
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=5104,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=5096 /prefetch:1
                                                                                                              2⤵
                                                                                                                PID:2936
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --field-trial-handle=5532,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=5540 /prefetch:8
                                                                                                                2⤵
                                                                                                                  PID:5556
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --field-trial-handle=5568,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=5596 /prefetch:8
                                                                                                                  2⤵
                                                                                                                    PID:4492
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5924,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=6048 /prefetch:1
                                                                                                                    2⤵
                                                                                                                      PID:2116
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=6072,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=6084 /prefetch:1
                                                                                                                      2⤵
                                                                                                                        PID:4972
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=6324,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=6348 /prefetch:1
                                                                                                                        2⤵
                                                                                                                          PID:4668
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=6168,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=6164 /prefetch:8
                                                                                                                          2⤵
                                                                                                                            PID:5004
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5940,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=5308 /prefetch:1
                                                                                                                            2⤵
                                                                                                                              PID:1580
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=5000,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=5012 /prefetch:8
                                                                                                                              2⤵
                                                                                                                                PID:1028
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --field-trial-handle=5364,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=5024 /prefetch:8
                                                                                                                                2⤵
                                                                                                                                  PID:6032
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=5160,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=5172 /prefetch:8
                                                                                                                                  2⤵
                                                                                                                                  • Modifies registry class
                                                                                                                                  PID:6048
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=6908,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=6888 /prefetch:8
                                                                                                                                  2⤵
                                                                                                                                    PID:6028
                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=6916,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=6896 /prefetch:8
                                                                                                                                    2⤵
                                                                                                                                      PID:1416
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=2388,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=2708 /prefetch:8
                                                                                                                                      2⤵
                                                                                                                                        PID:5592
                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=7124,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=3172 /prefetch:1
                                                                                                                                        2⤵
                                                                                                                                          PID:3016
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6460,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=6912 /prefetch:1
                                                                                                                                          2⤵
                                                                                                                                            PID:2836
                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --field-trial-handle=5344,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7404 /prefetch:8
                                                                                                                                            2⤵
                                                                                                                                              PID:5644
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=7256,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7516 /prefetch:1
                                                                                                                                              2⤵
                                                                                                                                                PID:5808
                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=7636,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7280 /prefetch:8
                                                                                                                                                2⤵
                                                                                                                                                  PID:1808
                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --field-trial-handle=7828,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7844 /prefetch:8
                                                                                                                                                  2⤵
                                                                                                                                                    PID:4184
                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --field-trial-handle=4408,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7980 /prefetch:8
                                                                                                                                                    2⤵
                                                                                                                                                      PID:1640
                                                                                                                                                    • C:\Users\Admin\Downloads\DanaBot.exe
                                                                                                                                                      "C:\Users\Admin\Downloads\DanaBot.exe"
                                                                                                                                                      2⤵
                                                                                                                                                      • Executes dropped EXE
                                                                                                                                                      • System Location Discovery: System Language Discovery
                                                                                                                                                      PID:1540
                                                                                                                                                      • C:\Windows\SysWOW64\regsvr32.exe
                                                                                                                                                        C:\Windows\system32\regsvr32.exe -s C:\Users\Admin\DOWNLO~1\DanaBot.dll f1 C:\Users\Admin\DOWNLO~1\DanaBot.exe@1540
                                                                                                                                                        3⤵
                                                                                                                                                        • Loads dropped DLL
                                                                                                                                                        • System Location Discovery: System Language Discovery
                                                                                                                                                        PID:1244
                                                                                                                                                        • C:\Windows\SysWOW64\rundll32.exe
                                                                                                                                                          C:\Windows\SysWOW64\rundll32.exe C:\Users\Admin\DOWNLO~1\DanaBot.dll,f0
                                                                                                                                                          4⤵
                                                                                                                                                          • Blocklisted process makes network request
                                                                                                                                                          • Loads dropped DLL
                                                                                                                                                          • System Location Discovery: System Language Discovery
                                                                                                                                                          PID:3436
                                                                                                                                                          • C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                            C:\Windows\SysWOW64\WerFault.exe -u -p 3436 -s 1472
                                                                                                                                                            5⤵
                                                                                                                                                            • Program crash
                                                                                                                                                            PID:6492
                                                                                                                                                      • C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                        C:\Windows\SysWOW64\WerFault.exe -u -p 1540 -s 460
                                                                                                                                                        3⤵
                                                                                                                                                        • Program crash
                                                                                                                                                        PID:2552
                                                                                                                                                    • C:\Users\Admin\Downloads\DanaBot.exe
                                                                                                                                                      "C:\Users\Admin\Downloads\DanaBot.exe"
                                                                                                                                                      2⤵
                                                                                                                                                      • Executes dropped EXE
                                                                                                                                                      • System Location Discovery: System Language Discovery
                                                                                                                                                      PID:5192
                                                                                                                                                      • C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                        C:\Windows\SysWOW64\WerFault.exe -u -p 5192 -s 148
                                                                                                                                                        3⤵
                                                                                                                                                        • Program crash
                                                                                                                                                        PID:4424
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=7284,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7392 /prefetch:8
                                                                                                                                                      2⤵
                                                                                                                                                      • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                      PID:5576
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=7660,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7040 /prefetch:1
                                                                                                                                                      2⤵
                                                                                                                                                        PID:3868
                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=5716,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7052 /prefetch:8
                                                                                                                                                        2⤵
                                                                                                                                                          PID:5868
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --field-trial-handle=7492,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7472 /prefetch:8
                                                                                                                                                          2⤵
                                                                                                                                                            PID:4796
                                                                                                                                                          • C:\Users\Admin\Downloads\Lacon.exe
                                                                                                                                                            "C:\Users\Admin\Downloads\Lacon.exe"
                                                                                                                                                            2⤵
                                                                                                                                                            • Drops startup file
                                                                                                                                                            • Executes dropped EXE
                                                                                                                                                            • Adds Run key to start application
                                                                                                                                                            • Drops file in System32 directory
                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                                            PID:3996
                                                                                                                                                          • C:\Users\Admin\Downloads\Lacon.exe
                                                                                                                                                            "C:\Users\Admin\Downloads\Lacon.exe"
                                                                                                                                                            2⤵
                                                                                                                                                            • Executes dropped EXE
                                                                                                                                                            • Drops file in System32 directory
                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                                            PID:924
                                                                                                                                                          • C:\Users\Admin\Downloads\Lacon.exe
                                                                                                                                                            "C:\Users\Admin\Downloads\Lacon.exe"
                                                                                                                                                            2⤵
                                                                                                                                                            • Executes dropped EXE
                                                                                                                                                            • Drops file in System32 directory
                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                                            PID:5212
                                                                                                                                                          • C:\Users\Admin\Downloads\Lacon.exe
                                                                                                                                                            "C:\Users\Admin\Downloads\Lacon.exe"
                                                                                                                                                            2⤵
                                                                                                                                                            • Executes dropped EXE
                                                                                                                                                            • Drops file in System32 directory
                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                                            PID:5360
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=4300,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=1068 /prefetch:1
                                                                                                                                                            2⤵
                                                                                                                                                              PID:5960
                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=1064,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7516 /prefetch:8
                                                                                                                                                              2⤵
                                                                                                                                                                PID:2284
                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --field-trial-handle=5832,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=5680 /prefetch:8
                                                                                                                                                                2⤵
                                                                                                                                                                  PID:2428
                                                                                                                                                                • C:\Users\Admin\Downloads\MyPics.a.exe
                                                                                                                                                                  "C:\Users\Admin\Downloads\MyPics.a.exe"
                                                                                                                                                                  2⤵
                                                                                                                                                                  • Executes dropped EXE
                                                                                                                                                                  • System Location Discovery: System Language Discovery
                                                                                                                                                                  PID:6116
                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=2148,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7532 /prefetch:1
                                                                                                                                                                  2⤵
                                                                                                                                                                    PID:4900
                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=7300,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=4136 /prefetch:8
                                                                                                                                                                    2⤵
                                                                                                                                                                      PID:2836
                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --field-trial-handle=5572,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=5668 /prefetch:8
                                                                                                                                                                      2⤵
                                                                                                                                                                        PID:5560
                                                                                                                                                                      • C:\Users\Admin\Downloads\NakedWife.exe
                                                                                                                                                                        "C:\Users\Admin\Downloads\NakedWife.exe"
                                                                                                                                                                        2⤵
                                                                                                                                                                        • Executes dropped EXE
                                                                                                                                                                        • System Location Discovery: System Language Discovery
                                                                                                                                                                        • Suspicious use of SetWindowsHookEx
                                                                                                                                                                        PID:632
                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --field-trial-handle=7040,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7324 /prefetch:8
                                                                                                                                                                        2⤵
                                                                                                                                                                          PID:4964
                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=8352,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=8356 /prefetch:1
                                                                                                                                                                          2⤵
                                                                                                                                                                            PID:3900
                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=7604,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=5556 /prefetch:8
                                                                                                                                                                            2⤵
                                                                                                                                                                              PID:4328
                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --field-trial-handle=7576,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7496 /prefetch:8
                                                                                                                                                                              2⤵
                                                                                                                                                                                PID:1256
                                                                                                                                                                              • C:\Users\Admin\Downloads\MyDoom.A.exe
                                                                                                                                                                                "C:\Users\Admin\Downloads\MyDoom.A.exe"
                                                                                                                                                                                2⤵
                                                                                                                                                                                • Executes dropped EXE
                                                                                                                                                                                • Loads dropped DLL
                                                                                                                                                                                • Drops file in System32 directory
                                                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                                                PID:6036
                                                                                                                                                                              • C:\Users\Admin\Downloads\MyDoom.A.exe
                                                                                                                                                                                "C:\Users\Admin\Downloads\MyDoom.A.exe"
                                                                                                                                                                                2⤵
                                                                                                                                                                                • Executes dropped EXE
                                                                                                                                                                                • Loads dropped DLL
                                                                                                                                                                                • Drops file in System32 directory
                                                                                                                                                                                PID:1972
                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=5688,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7432 /prefetch:1
                                                                                                                                                                                2⤵
                                                                                                                                                                                  PID:5572
                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=7544,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=6888 /prefetch:8
                                                                                                                                                                                  2⤵
                                                                                                                                                                                    PID:5848
                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --field-trial-handle=2028,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=4140 /prefetch:8
                                                                                                                                                                                    2⤵
                                                                                                                                                                                      PID:5664
                                                                                                                                                                                    • C:\Users\Admin\Downloads\ArcticBomb.exe
                                                                                                                                                                                      "C:\Users\Admin\Downloads\ArcticBomb.exe"
                                                                                                                                                                                      2⤵
                                                                                                                                                                                      • Executes dropped EXE
                                                                                                                                                                                      • System Location Discovery: System Language Discovery
                                                                                                                                                                                      PID:5468
                                                                                                                                                                                    • C:\Users\Admin\Downloads\ArcticBomb.exe
                                                                                                                                                                                      "C:\Users\Admin\Downloads\ArcticBomb.exe"
                                                                                                                                                                                      2⤵
                                                                                                                                                                                      • Executes dropped EXE
                                                                                                                                                                                      PID:2760
                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=7112,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=4260 /prefetch:1
                                                                                                                                                                                      2⤵
                                                                                                                                                                                        PID:4656
                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=7612,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=5668 /prefetch:8
                                                                                                                                                                                        2⤵
                                                                                                                                                                                          PID:1588
                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --field-trial-handle=6988,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=6996 /prefetch:8
                                                                                                                                                                                          2⤵
                                                                                                                                                                                            PID:5460
                                                                                                                                                                                          • C:\Users\Admin\Downloads\FreeYoutubeDownloader.exe
                                                                                                                                                                                            "C:\Users\Admin\Downloads\FreeYoutubeDownloader.exe"
                                                                                                                                                                                            2⤵
                                                                                                                                                                                            • Checks computer location settings
                                                                                                                                                                                            • Executes dropped EXE
                                                                                                                                                                                            • Adds Run key to start application
                                                                                                                                                                                            • Drops file in Windows directory
                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                            PID:2436
                                                                                                                                                                                            • C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Free YouTube Downloader.exe
                                                                                                                                                                                              "C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Free YouTube Downloader.exe"
                                                                                                                                                                                              3⤵
                                                                                                                                                                                              • Checks computer location settings
                                                                                                                                                                                              • Executes dropped EXE
                                                                                                                                                                                              • Suspicious use of SendNotifyMessage
                                                                                                                                                                                              PID:5624
                                                                                                                                                                                              • C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Box.exe
                                                                                                                                                                                                "C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Box.exe"
                                                                                                                                                                                                4⤵
                                                                                                                                                                                                • Executes dropped EXE
                                                                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                                                                PID:3360
                                                                                                                                                                                              • C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Box.exe
                                                                                                                                                                                                "C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Box.exe"
                                                                                                                                                                                                4⤵
                                                                                                                                                                                                • Executes dropped EXE
                                                                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                                                                PID:6964
                                                                                                                                                                                              • C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Box.exe
                                                                                                                                                                                                "C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Box.exe"
                                                                                                                                                                                                4⤵
                                                                                                                                                                                                • Executes dropped EXE
                                                                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                                                                PID:7940
                                                                                                                                                                                          • C:\Users\Admin\Downloads\FreeYoutubeDownloader.exe
                                                                                                                                                                                            "C:\Users\Admin\Downloads\FreeYoutubeDownloader.exe"
                                                                                                                                                                                            2⤵
                                                                                                                                                                                            • Executes dropped EXE
                                                                                                                                                                                            • Drops file in Windows directory
                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                            PID:4928
                                                                                                                                                                                          • C:\Users\Admin\Downloads\FreeYoutubeDownloader.exe
                                                                                                                                                                                            "C:\Users\Admin\Downloads\FreeYoutubeDownloader.exe"
                                                                                                                                                                                            2⤵
                                                                                                                                                                                            • Checks computer location settings
                                                                                                                                                                                            • Executes dropped EXE
                                                                                                                                                                                            • Adds Run key to start application
                                                                                                                                                                                            • Drops file in Windows directory
                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                            PID:3492
                                                                                                                                                                                            • C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Free YouTube Downloader.exe
                                                                                                                                                                                              "C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Free YouTube Downloader.exe"
                                                                                                                                                                                              3⤵
                                                                                                                                                                                              • Checks computer location settings
                                                                                                                                                                                              • Executes dropped EXE
                                                                                                                                                                                              • Suspicious use of SendNotifyMessage
                                                                                                                                                                                              PID:4408
                                                                                                                                                                                              • C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Box.exe
                                                                                                                                                                                                "C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Box.exe"
                                                                                                                                                                                                4⤵
                                                                                                                                                                                                • Executes dropped EXE
                                                                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                                                                PID:4672
                                                                                                                                                                                              • C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Box.exe
                                                                                                                                                                                                "C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Box.exe"
                                                                                                                                                                                                4⤵
                                                                                                                                                                                                • Executes dropped EXE
                                                                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                                                                PID:7040
                                                                                                                                                                                              • C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Box.exe
                                                                                                                                                                                                "C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Box.exe"
                                                                                                                                                                                                4⤵
                                                                                                                                                                                                • Executes dropped EXE
                                                                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                                                                PID:7888
                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=6904,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=1736 /prefetch:1
                                                                                                                                                                                            2⤵
                                                                                                                                                                                              PID:1112
                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=5836,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=5596 /prefetch:8
                                                                                                                                                                                              2⤵
                                                                                                                                                                                                PID:3668
                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --field-trial-handle=5500,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=3860 /prefetch:8
                                                                                                                                                                                                2⤵
                                                                                                                                                                                                  PID:4052
                                                                                                                                                                                                • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                                                                                                                  "C:\Users\Admin\Downloads\MEMZ.exe"
                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                  • Checks computer location settings
                                                                                                                                                                                                  • Executes dropped EXE
                                                                                                                                                                                                  • System Location Discovery: System Language Discovery
                                                                                                                                                                                                  • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                  PID:2680
                                                                                                                                                                                                  • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                                                                                                                    "C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                                    • System Location Discovery: System Language Discovery
                                                                                                                                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                    PID:3520
                                                                                                                                                                                                  • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                                                                                                                    "C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                                    • System Location Discovery: System Language Discovery
                                                                                                                                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                    PID:4228
                                                                                                                                                                                                  • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                                                                                                                    "C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                                    • System Location Discovery: System Language Discovery
                                                                                                                                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                    PID:3076
                                                                                                                                                                                                  • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                                                                                                                    "C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                                    • System Location Discovery: System Language Discovery
                                                                                                                                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                    PID:3860
                                                                                                                                                                                                  • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                                                                                                                    "C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                                    • System Location Discovery: System Language Discovery
                                                                                                                                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                    PID:5980
                                                                                                                                                                                                  • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                                                                                                                    "C:\Users\Admin\Downloads\MEMZ.exe" /main
                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                    • Checks computer location settings
                                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                                    • Writes to the Master Boot Record (MBR)
                                                                                                                                                                                                    • System Location Discovery: System Language Discovery
                                                                                                                                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                    PID:3528
                                                                                                                                                                                                    • C:\Windows\SysWOW64\notepad.exe
                                                                                                                                                                                                      "C:\Windows\System32\notepad.exe" \note.txt
                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                      • System Location Discovery: System Language Discovery
                                                                                                                                                                                                      PID:5252
                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+create+your+own+ransomware
                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                        PID:2352
                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=skrillex+scay+onster+an+nice+sprites+midi
                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                          PID:4888
                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/
                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                            PID:5808
                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=montage+parody+making+program+2016
                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                              PID:2116
                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/
                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                PID:400
                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+send+a+virus+to+my+friend
                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                  PID:5216
                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+get+money
                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                    PID:5536
                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://motherboard.vice.com/read/watch-this-malware-turn-a-computer-into-a-digital-hellscape
                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                      PID:7096
                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/
                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                        PID:7064
                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=facebook+hacking+tool+free+download+no+virus+working+2016
                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                          PID:6340
                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://play.clubpenguin.com/
                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                            PID:7360
                                                                                                                                                                                                                          • C:\Windows\SysWOW64\mmc.exe
                                                                                                                                                                                                                            "C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"
                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                                            PID:7464
                                                                                                                                                                                                                            • C:\Windows\system32\mmc.exe
                                                                                                                                                                                                                              "C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"
                                                                                                                                                                                                                              5⤵
                                                                                                                                                                                                                              • Drops file in System32 directory
                                                                                                                                                                                                                              • Drops file in Windows directory
                                                                                                                                                                                                                              • Checks SCSI registry key(s)
                                                                                                                                                                                                                              • Suspicious behavior: GetForegroundWindowSpam
                                                                                                                                                                                                                              • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                                              • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                                              PID:5896
                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=g3t+r3kt
                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                              PID:7436
                                                                                                                                                                                                                            • C:\Windows\SysWOW64\calc.exe
                                                                                                                                                                                                                              "C:\Windows\System32\calc.exe"
                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                                              PID:8164
                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic
                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                PID:8144
                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=dank+memz
                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                  PID:8024
                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=2744,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7424 /prefetch:1
                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                PID:2732
                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=7508,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=5760 /prefetch:1
                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                  PID:4312
                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=6880,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7004 /prefetch:1
                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                    PID:5148
                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=7540,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7560 /prefetch:1
                                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                                      PID:2756
                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=4104,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=8424 /prefetch:1
                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                        PID:5724
                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=5816,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7296 /prefetch:1
                                                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                                                          PID:5528
                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=8472,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7356 /prefetch:1
                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                            PID:5820
                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=7764,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=4604 /prefetch:1
                                                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                                                              PID:4588
                                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=3928,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=4880 /prefetch:1
                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                PID:2768
                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=8548,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7324 /prefetch:1
                                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                                  PID:5644
                                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=8440,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=8584 /prefetch:1
                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                    PID:4500
                                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=5648,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=8448 /prefetch:1
                                                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                                                      PID:5396
                                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=8576,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=8700 /prefetch:1
                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                        PID:3248
                                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=8244,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=8740 /prefetch:1
                                                                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                                                                          PID:5444
                                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=6660,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=7216 /prefetch:1
                                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                                            PID:6044
                                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=7132,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=8716 /prefetch:1
                                                                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                                                                              PID:2592
                                                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=7360,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=8824 /prefetch:1
                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                PID:3352
                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=8760,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=9120 /prefetch:1
                                                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                                                  PID:5652
                                                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=8980,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=9248 /prefetch:1
                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                    PID:3812
                                                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=8792,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=8796 /prefetch:1
                                                                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                                                                      PID:4276
                                                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=9504,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=9528 /prefetch:1
                                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                                        PID:880
                                                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=9624,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=9604 /prefetch:1
                                                                                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                                                                                          PID:2792
                                                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=9920,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=9848 /prefetch:1
                                                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                                                            PID:3488
                                                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=10012,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=9948 /prefetch:1
                                                                                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                                                                                              PID:3624
                                                                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=10008,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=9496 /prefetch:1
                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                PID:5328
                                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=9876,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=9692 /prefetch:1
                                                                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                                                                  PID:4244
                                                                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=9972,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=10032 /prefetch:1
                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                    PID:4744
                                                                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=9704,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=9660 /prefetch:1
                                                                                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                                                                                      PID:5644
                                                                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=9724,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=10384 /prefetch:1
                                                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                                                        PID:7112
                                                                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --field-trial-handle=10464,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=9728 /prefetch:1
                                                                                                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                                                                                                          PID:5960
                                                                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --field-trial-handle=10280,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=10256 /prefetch:1
                                                                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                                                                            PID:6188
                                                                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --field-trial-handle=10688,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=10704 /prefetch:1
                                                                                                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                                                                                                              PID:6200
                                                                                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --field-trial-handle=10860,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=10672 /prefetch:1
                                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                                PID:6432
                                                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=11112,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=10460 /prefetch:1
                                                                                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                                                                                  PID:6068
                                                                                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=6636,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=11008 /prefetch:1
                                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                                    PID:4736
                                                                                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=11416,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=11044 /prefetch:1
                                                                                                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                                                                                                      PID:2848
                                                                                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationServiceBroker --lang=en-US --service-sandbox-type=mf_cdm --video-capture-use-gpu-memory-buffer --field-trial-handle=10488,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=11024 /prefetch:8
                                                                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                                                                        PID:6636
                                                                                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.CdmServiceBroker --lang=en-US --service-sandbox-type=cdm --video-capture-use-gpu-memory-buffer --field-trial-handle=11196,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=11496 /prefetch:8
                                                                                                                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                                                                                                                        • Suspicious use of NtSetInformationThreadHideFromDebugger
                                                                                                                                                                                                                                                                                                        PID:6300
                                                                                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=11084,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=11260 /prefetch:1
                                                                                                                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                                                                                                                          PID:5420
                                                                                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=10408,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=11880 /prefetch:1
                                                                                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                                                                                            PID:6264
                                                                                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=11812,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=11552 /prefetch:1
                                                                                                                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                                                                                                                              PID:2712
                                                                                                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --field-trial-handle=12072,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=12044 /prefetch:1
                                                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                                                PID:6060
                                                                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --field-trial-handle=11572,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=12208 /prefetch:1
                                                                                                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                                                                                                  PID:6372
                                                                                                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --field-trial-handle=12392,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=12400 /prefetch:1
                                                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                                                    PID:4460
                                                                                                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --field-trial-handle=12164,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=12128 /prefetch:1
                                                                                                                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                                                                                                                      PID:7396
                                                                                                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --field-trial-handle=12600,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=12628 /prefetch:1
                                                                                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                                                                                        PID:7500
                                                                                                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --field-trial-handle=12408,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=12356 /prefetch:1
                                                                                                                                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                                                                                                                                          PID:7724
                                                                                                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --field-trial-handle=12716,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=12752 /prefetch:1
                                                                                                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                                                                                                            PID:8128
                                                                                                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --field-trial-handle=11652,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=12656 /prefetch:1
                                                                                                                                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                                                                                                                                              PID:7448
                                                                                                                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --field-trial-handle=12748,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=11092 /prefetch:1
                                                                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                                                                PID:7668
                                                                                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --field-trial-handle=12604,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=12660 /prefetch:8
                                                                                                                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                                                                                                                  PID:5436
                                                                                                                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --field-trial-handle=13004,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=10360 /prefetch:1
                                                                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                                                                    PID:8132
                                                                                                                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --field-trial-handle=13124,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=13148 /prefetch:1
                                                                                                                                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                                                                                                                                      PID:7776
                                                                                                                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --field-trial-handle=12340,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=11192 /prefetch:1
                                                                                                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                                                                                                        PID:6852
                                                                                                                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --field-trial-handle=12516,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=13292 /prefetch:1
                                                                                                                                                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                                                                                                                                                          PID:6876
                                                                                                                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --field-trial-handle=12436,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=13420 /prefetch:1
                                                                                                                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                                                                                                                            PID:4852
                                                                                                                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --field-trial-handle=12720,i,16977287343199795147,1961622854447644954,262144 --variations-seed-version --mojo-platform-channel-handle=5312 /prefetch:1
                                                                                                                                                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                                                                                                                                                              PID:7740
                                                                                                                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\elevation_service.exe
                                                                                                                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\elevation_service.exe"
                                                                                                                                                                                                                                                                                                                                            1⤵
                                                                                                                                                                                                                                                                                                                                              PID:2332
                                                                                                                                                                                                                                                                                                                                            • C:\Windows\system32\svchost.exe
                                                                                                                                                                                                                                                                                                                                              C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
                                                                                                                                                                                                                                                                                                                                              1⤵
                                                                                                                                                                                                                                                                                                                                              • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                                                                                                                                                              PID:5056
                                                                                                                                                                                                                                                                                                                                              • C:\Windows\system32\dashost.exe
                                                                                                                                                                                                                                                                                                                                                dashost.exe {74910e18-dfdc-4d86-bde981e966015cd5}
                                                                                                                                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                                                                                                                                  PID:1112
                                                                                                                                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
                                                                                                                                                                                                                                                                                                                                                1⤵
                                                                                                                                                                                                                                                                                                                                                  PID:1504
                                                                                                                                                                                                                                                                                                                                                • C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                                                                                  C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 1540 -ip 1540
                                                                                                                                                                                                                                                                                                                                                  1⤵
                                                                                                                                                                                                                                                                                                                                                    PID:1256
                                                                                                                                                                                                                                                                                                                                                  • C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                                                                                    C:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 5192 -ip 5192
                                                                                                                                                                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                                                                                                                                                                      PID:3464
                                                                                                                                                                                                                                                                                                                                                    • C:\Windows\System32\rundll32.exe
                                                                                                                                                                                                                                                                                                                                                      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                                                                                                                                                                                                                                                                                                      1⤵
                                                                                                                                                                                                                                                                                                                                                        PID:1504
                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\Downloads\DanaBot.exe
                                                                                                                                                                                                                                                                                                                                                        "C:\Users\Admin\Downloads\DanaBot.exe"
                                                                                                                                                                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                                                                                                                                                                        • Executes dropped EXE
                                                                                                                                                                                                                                                                                                                                                        PID:2772
                                                                                                                                                                                                                                                                                                                                                      • C:\Program Files\7-Zip\7zFM.exe
                                                                                                                                                                                                                                                                                                                                                        "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\DanaBot.dll"
                                                                                                                                                                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                                                                                                                                                                        • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                                                                                                                                                                        • Suspicious use of FindShellTrayWindow
                                                                                                                                                                                                                                                                                                                                                        PID:1036
                                                                                                                                                                                                                                                                                                                                                      • C:\Users\Admin\Downloads\MyPics.a.exe
                                                                                                                                                                                                                                                                                                                                                        "C:\Users\Admin\Downloads\MyPics.a.exe"
                                                                                                                                                                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                                                                                                                                                                        • Executes dropped EXE
                                                                                                                                                                                                                                                                                                                                                        PID:5456
                                                                                                                                                                                                                                                                                                                                                      • C:\Windows\system32\taskmgr.exe
                                                                                                                                                                                                                                                                                                                                                        "C:\Windows\system32\taskmgr.exe" /0
                                                                                                                                                                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                                                                                                                                                                        • Checks SCSI registry key(s)
                                                                                                                                                                                                                                                                                                                                                        • Checks processor information in registry
                                                                                                                                                                                                                                                                                                                                                        • Suspicious behavior: GetForegroundWindowSpam
                                                                                                                                                                                                                                                                                                                                                        • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                                                                                                                                                                        • Suspicious use of SendNotifyMessage
                                                                                                                                                                                                                                                                                                                                                        PID:1028
                                                                                                                                                                                                                                                                                                                                                      • C:\Windows\system32\AUDIODG.EXE
                                                                                                                                                                                                                                                                                                                                                        C:\Windows\system32\AUDIODG.EXE 0x4f4 0x2f8
                                                                                                                                                                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                                                                                                                                                                        • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                                                                                                                                                                        PID:5312
                                                                                                                                                                                                                                                                                                                                                      • C:\Windows\system32\taskmgr.exe
                                                                                                                                                                                                                                                                                                                                                        "C:\Windows\system32\taskmgr.exe" /0
                                                                                                                                                                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                                                                                                                                                                          PID:7360
                                                                                                                                                                                                                                                                                                                                                        • C:\Windows\system32\taskmgr.exe
                                                                                                                                                                                                                                                                                                                                                          "C:\Windows\system32\taskmgr.exe" /0
                                                                                                                                                                                                                                                                                                                                                          1⤵
                                                                                                                                                                                                                                                                                                                                                            PID:7740
                                                                                                                                                                                                                                                                                                                                                          • C:\Windows\system32\OpenWith.exe
                                                                                                                                                                                                                                                                                                                                                            C:\Windows\system32\OpenWith.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                            1⤵
                                                                                                                                                                                                                                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                                                                                                                                                                            PID:8160
                                                                                                                                                                                                                                                                                                                                                          • C:\Windows\system32\LogonUI.exe
                                                                                                                                                                                                                                                                                                                                                            "LogonUI.exe" /flags:0x4 /state0:0xa3e7a055 /state1:0x41c64e6d
                                                                                                                                                                                                                                                                                                                                                            1⤵
                                                                                                                                                                                                                                                                                                                                                            • Modifies data under HKEY_USERS
                                                                                                                                                                                                                                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                                                                                                                                                                            PID:7892
                                                                                                                                                                                                                                                                                                                                                          • C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                                                                                            C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 3436 -ip 3436
                                                                                                                                                                                                                                                                                                                                                            1⤵
                                                                                                                                                                                                                                                                                                                                                              PID:7880

                                                                                                                                                                                                                                                                                                                                                            Network

                                                                                                                                                                                                                                                                                                                                                            MITRE ATT&CK Enterprise v15

                                                                                                                                                                                                                                                                                                                                                            Replay Monitor

                                                                                                                                                                                                                                                                                                                                                            Loading Replay Monitor...

                                                                                                                                                                                                                                                                                                                                                            Downloads

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              280B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              d3bd9d4262fb20f5f0d95f343244cb4c

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              5ce626fe6d8c6aad72db6ea915aba6bc06051cdb

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              eed661895f01ca048f368477c5229becd6a7bc9194351c2c87eb20f2ed61e69d

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              27d6886456d2d7aa68e227ff8592b5440f0e2136442ded7827c96817fff123ec109d8fb393f177aee62ad39246e8788df38ee18cfcc655ec44580824887c3817

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              334B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              6825a71144090ae6d139678db95b2b8f

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              a5762de5f90316b1d58dc835655183beb8dc708e

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              1c93ab72304443c425210c046efcd529f1fd6d0a6896ae7d61b5d8b9bf7e7d8b

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              5291076b09fae47297196c300a8b18617761f3a0a8b6795ac07791d5e21ff58efd9b55c7c7dd68bc9f49ca5468f13d74960b2b73766b77e2eb64391a98812b40

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              334B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              477ec7571b0e786af8cc1c5b691b0141

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              bf95f272da0fec5891110ab3e43950ead4d6626c

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              0854f40ab80df202759e763738993b682389e9752d46596b0ff5ffee6b882eeb

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              65f629b6fb79e2550b4af0ec6b0be258bf324c9035b789e2b903821e164c7ad8d0a5e59581421667b8514de506250ee2f9f253df5afb9e98170fc8e5fb60fe19

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00012f
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              37KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              48f925eefce06701a10bb34743596ef6

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              3271af5587fb44878f2355cb99cc2a5a915706fd

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              85712a77e89fff00123155170da85c01b812e5b68de05a05f59c71fcba597a17

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              76993db32748cf3f3295318b153ab6fd85d18a624f5b75d85d2e8c7b39f5d19003cb10c659173dee6a87aec02ce30f3f3219ca9bfae0996e37db64fd6b446d6e

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000130
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              37KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              25c164c17e9d2475837bd5b9d822aeeb

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              0b5fc6247afc76aaef44cf13418754221a8bc70b

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              51351d1af0a1f2c2249a0c958364f8637ce8c74bc9dd45990c55667423cfd6e2

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              5d0d08caa9c715001b56cf40f800c9db0d39ec8d27357a68773666d93a929c6d46783b435af8476015de619af5c3d7e40a15c1c46a7f5ce8553944e0db115935

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000131
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              21KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              7715176f600ed5d40eaa0ca90f7c5cd7

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              00fdb1d5b1421ea03d2d33542a4eaf7ac543d3d0

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              154632629a0698587e95c608e6ed5f232e2ba1a33d7c07fea862a25293a9926e

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              799cfee1969b6137813c98b83b90052c04527b273156f577841b64828c07c4e6a3913a6ddd49ae5021ed54a367ddbc5ab2193226960b0ffe9a618c663c8d8a1c

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000132
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              20KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              2f0cb4a501c76993f5ab360291384aea

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              cca34788d5ad38c56868e3cb046f79e0c38e3102

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              0f765c5719d516d59250896d5aa283527ebc7e6779504c6562f4f2c04246af2a

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              dbfab771c875d04b3db32574bad4429d58f16eb194034c201746f7cda29174dce73f6513dae0e45a919cda6dff1d6e79aebc1576ec231310d8d910c7354804cc

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000133
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              18KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              2e23d6e099f830cf0b14356b3c3443ce

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              027db4ff48118566db039d6b5f574a8ac73002bc

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000134
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              57KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              7e21b212cb697ee8dc11eb5d6318af30

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              019139f1d160a7923d20dab67fb286a1e453285f

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              c7bc66711c2ec323863307b2cb6d6b0175082f35d34c40c33befe11b86051baf

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              9b8f1f8d9c5e1c39644b327b273850c5b2b403742b13222fcffa7ae074fe7040d0d0e05bc8f5986772f9106297dcf487c4f8367f249cf091300209b17459a697

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000135
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              19KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              47d127c0eba91a712dae9e7be3a720c0

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              a4bceb61b09ab4d3653fde07d416d2172342354d

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              f980b99f571fdc3056c26f93626ac0c8c350155e88e05fae3a75078501be08b7

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              a2a570865642e4980b77a3b4e82e877ab764aeb83176c3208055b382df023abc4d39bc2a441a7190111e451eff04ca716bc376d705295b4ff8e663cf95ccb583

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000136
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              17KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              109a8cceba33695698297e575e56bfad

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              2b8c6dce1ccd21a6eea2dd9aef2a8a6bde389053

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              dd82d9ac034f0a06524fc1d5ef884c29a7e4d586a1e7db66e339dc54fac3636d

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              6d51ed30c45560838df921212370a0044640a8e3c0433922106225cb6fec8cc115ac6191c753da13def21c4e0db4deb5782fb7a75ada822ced1db7c7d13beaf3

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000137
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              25KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              91d7da083c2b87d914282afb17eaadb5

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              15f6c462f171345cfb41c1b675fcc9cd8cc51381

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              79be3f92c10c259044e14f1e72ec890d5516512ad30aeb6930b0ba1623e1ffb9

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              07cd611cbaaf70d8caa9aa0918b9f4895a1032cb586dd4486fa52be647210f1d548f03b439420b307926b1071d394d7708146eb7333101030387adb51c20c203

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000138
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              17KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              377ee9bff7058c90585fdc582efc240c

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              77b71281315e09b9396ce95284143e2d34c44071

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              4459054f4933c45e171ae521ac711be3b251a89aed3b08687b4d13a670fccb92

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              d4a5cd53bc0d7c1ae3cf8a3d066504ebe6a375a425053d8708d33d82ef9c8621e6fcb50c62cacc57646328ad4ee7b47d6154008f6e966bad0df8cb9fc951c8ba

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000139
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              16KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              9395baaa17b0a20ab4cbb63fb8b5f9fe

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              41f9ee65e2a8df82ca7d0efa76a067580b75380e

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              8ad28f829724670c14ecf5b8e2a1eebfa603ddbd3b4281aeca9ae5376cda9bb8

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              ddffd1b003ed46eb248e5a5eaa5b7c65a2f5988132562b4172e8d863ff739e2a5613062808811bcfb5695f869556d31e31ca6484e066a581b1a25486f0de11cb

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00013a
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              53KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              cfff8fc00d16fc868cf319409948c243

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              b7e2e2a6656c77a19d9819a7d782a981d9e16d44

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              51266cbe2741a46507d1bb758669d6de3c2246f650829774f7433bc734688a5a

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              9d127abfdf3850998fd0d2fb6bd106b5a40506398eb9c5474933ff5309cdc18c07052592281dbe1f15ea9d6cb245d08ff09873b374777d71bbbc6e0594bde39b

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00013b
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              137KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              a336ad7a2818eb9c1d9b7d0f4cc7d456

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              d5280cb38af2010e0860b7884a23de0484d18f62

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              83bdfb7d266fd8436312f6145c1707ddf0fb060825527acfe364c5db859887a3

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              fa69455b3bfc162ab86a12332fe13322dfd8749be456779c93a6ab93e1d628e246a31a0a55cdba0c45adb3085acd62ba0a094b2115529d70cb9f693f3b1da327

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00013c
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              23KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              bc715e42e60059c3ea36cd32bfb6ebc9

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              b8961b23c29b9769100116ba0da44f13a24a3dd4

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              110ccd760150c6ac29c987ee2b8f7c56772036f6fe74ff2fb56c094849912745

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              5c0edd336a6d892f0163aa183e5482313dd86f9f5b2d624b3c4529692d70720f4823808f10ee7870fd9368b24de752b343570419fd244c33ad2d9cc86007bedc

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000148
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              212KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              2257803a7e34c3abd90ec6d41fd76a5a

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              f7a32e6635d8513f74bd225f55d867ea56ae4803

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000149
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              24KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              c594a826934b9505d591d0f7a7df80b7

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              c04b8637e686f71f3fc46a29a86346ba9b04ae18

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1224a3513b186381_0
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              289B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              92e5368e93203b81c8518c076e80c31e

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              4cdd0836b22ac8ff4697f99339a62ba9c19a6dbd

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              3fd5ffd2f534d551b89a939761981eb5476422e99afcd39271b4d29533bdcba3

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              bc0345d6f97ab0ecb38093d85cd45a9406642e5fba1adfa55e58c4a6c54190a758392ece6d35632e1b5ad2be5977763220502c0a9e16e1a17214c43b7a01e2ed

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\127ee72764e708aa_0
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              365KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              12c4709f51be05de69d32797d0a2be59

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              4e5e7aa14ac9d65f6d17f12bd9601d7a8006fe52

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              4c347f7344d573683e4ce6b6780014ff6e7176674c550827330462612488704d

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              9835fc964bc3a30c21ff7f1e741f442a367be1ca2444b49e90f400c5d658575752b1cfc6242e7b74f088991b23a5f8f3dff04defe7cbd7479258525267e4a685

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\670552a3a9615861_0
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              19KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              c1d5a67537f08142ed7bcc0e53594b89

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              fbdc71df535081c7073acc911078242c02ebc873

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              49124299b1c7e57bcb2c6b1c317da9aacfd777baecad815abfc7643bdb6088b9

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              b69cd57f20070e2c5aed305fa56ad22e3b62a4a164cdd2f780812d5e4e8c6a9ca0685774b7ebb895a8b7dbf7916763fe42ed34ccc952f5584bb2342d4629b1c8

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\738184b4bb16e32c_0
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              1ee437dff10ae8c953d7c3318c770c7e

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              fa096058825b29ae62ebafc4685f171130bcbc56

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              1a6a74763ca6aeec355cd516f151feee0160d06f89c9f63d3520fee6e5454b80

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              c736fb5993a36db3e71e63583d3faa0f8a6b616a7e8fd2870a0078be21cdf6d0531f09fac68065e67e0f0c948a2f9d95e796a6c5613e1c133753e9e48434f5ab

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ef50c363cec9291e_0
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              280B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              bf80c00a2e07ffc908352d93d7f165ef

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              801e03cc59b8f7b6240ba2e19924cf2aebc4f371

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              be304815c3b34c9794c2a83bac414afe838c579750995f571e82c4b9c74f5b17

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              7780424a556360e0226cce41aacb64b7bea21a61b84a41b2707818c7091b62242d4be6aeda3e1d1209fa321d45c2364829aaaf604fd0940b9e84aca9462c8184

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              10KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              ea0ec7764439d129d076a86bb154b39f

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              fd542633b55096f63ce93b3176ca039cc010f24c

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              63bb90e9b51086b011aa14497cc7a54b42c0cdac7099b7508b1ec0b04aa220dd

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              704d85d894040698a3fead9a3b2a8940054807a6faa0c37d045517b78a022269ffedb4a0bbf4f65dfcc523852c712a1dde05147f1bfe55f4645edc1b57fba50f

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              13KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              2d8028b0fabf9826939bf1b629b05029

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              1fc3d7488c91ba42c5f63d998d90064ca8f28831

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              e85dc7300efa0758e8b4c2ce0ce7de1e74c385b3a9a85beced9445e32862c59a

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              89bd93e5039c17fe3c658206b9ec9c902192c650f3cbb8072380a75f13822feb3a57b122d4b4a93103194915bfe9f5ad6ffdb887b43306b7246781e429e2e639

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              10KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              e332df3690aef5e25a13efe6885d8c4f

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              bb2b9427adee3ee4dfeb86861b4199fd130bd2ad

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              b3409fdbbddb6a2bed04a408b92cae10991af1896060c4c5ba7c8d545eb72530

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              f30129e4548369f96fc2d1b0f17217b023ef8bb3e3d4db604d9396f2b31a8e8730ee6fca301bd50a2039c72b4973439a287200d608fdca9c9024ab87033d2629

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              10KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              8d009e508c0ed0052671841754dfce4f

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              abe7b981beb13e2a5dc088b7d741a33ce6815703

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              ff7bd2370e6ca7bc3c9930a7a4723a740bab7e5b0f9a077b64e77f46655ee591

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              72e2939bcb9ecec7cba53557e2260edc6b0151ed62f339f81a361d3861a048a532590fb1d846eed13fbb5ca405678abe1b3999eafb3c1d42809c117f84ac7b16

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              13KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              b980d7609527101e3944ddf92a1b733b

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              d60da0e0f71d63694d982e53877288ede50205d2

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              54846f6d46406d257c45ddeaf5f629f31529a8c780eac8e6f3ee61a92dca0823

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              0a64148437ac0ea1bc00061497720ff6bea73006354c54b634059d33d77a24670308f54f4cb05627ec5435dec17f823aaa0c5d2db8eebdfdf1d722d3fc56fbab

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              2B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              99914b932bd37a50b983c5e7c90ae93b

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              22KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              08d3c9161f7f233b93522dc54e74613d

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              034670b12a5fa17208d9d84a01e9b60921963da4

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              abadbc5bac969981a29eb3a979b4f78b92895352c999b716b3406b095d12fe9d

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              f819cab3d7657426cb4a82d17fb4414c88d59e4522f9551f63aba38209cd135ddee4ea6e4f1b44d5e9128b36b8293ed3ce5907cd481afc6a4a7d93b84841d7f9

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              2B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              d751713988987e9331980363e24189ce

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              97d170e1550eee4afc0af065b78cda302a97674c

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              211B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              f11b66cafa647b3a7ec9f55cdc1000ac

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              8906b664a51f6a3919f838a6bb649c8c31206af2

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              fbb5d0d635b7ea5af1a0427fe1375283cc2173037ea9934b2b2acadf8789a60d

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              8466e8dc4fbec509e62cdba75b199e211167ba28e36aae71393634083bc93220c4cb8633b9450d3e4a86550b4674bfb1cbe2497bf8fa7a139a553b4d80dfa93a

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              40B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              20d4b8fa017a12a108c87f540836e250

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              1ac617fac131262b6d3ce1f52f5907e31d5f6f00

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              211B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              d62f7d4f23ea6c1587a88dd96ad104ae

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              fefb20ac882e76b24fde86abca0bca0711ea7dc7

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              dd3bf7043645d85387e5c035e3c0970c10b4a0572b69a5b4a469fc03e697931e

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              efad39190fb7ddd14dbcc31d3803b6659bde192589a3eb62daf867b793d1ff2b92f6832aeb9765e0ea1320f31f725240b726a7802d12b719c708a42efb68b392

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              211B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              b1e9aaf15259c647a03396f993c8b903

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              bac09d16692dd8eb58406c8b9aaa4722e24cb624

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              504fb750f06ee2b3825f30a4fca17584015fc9e2c7614cff01660554d57c03b6

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              e4ca90776fa25232114976d9e9867d61a72dbad2033ba9e9090760f255e1581d4cd0b38e04bfb2eb9b0fd5c245026cb8fd1a0ea8c0219fbe1d5e7251292db108

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              21030eba4485e9f682da602b41340e23

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              ed1fb3a53b106c97e5c4cdebd0e03fa74fa18482

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              3cb7ff035b12d75f825949029949bd34e854925390537c7f596b311426b6c4ce

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              c15683c09f368522fde70a2eb38a54e8cf658bd556907d03dfc74b97c34226a74ab7ec458c3bc9b7f0c507b570fb9b4d9943235d09e8e954687b6a2f6d0fb27d

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              b5a0eed5f7fcca8fe1e305d8140fd019

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              9ddfe39eb717c96141214ef44ce589174b984dc8

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              322a6659db44c9a0b5c9173e1b95d1c6a119826748d77a45627ec674d79bec3b

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              da0e2c1f457725cf088f2e766ddbfc37e6dd5508c6172b4a7b3d70da5b5020b1bea0b17ffc08734b7a4797be042545cfb1600f480a9c49f28b6feab1c46ccba0

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              6271017c40347c61b575e6b8e97ae5fd

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              52851342ccc32c166a51bc7e39fcaa52ecf0062f

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              6e314581d52714a7f548c8dd4a8309d29249cf326e783d7e5674a117f60a1bde

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              ec662244777ab7a31f49f043b0b80cdca20d4029f5dde80303fd03bdcaa53aff23eb6db241c2f455f39762a649d248acf79a6001a0b4375a3745baefb9c8f0fa

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              a9109e00456693756d61fcc3ee2e1e3f

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              9cf26cb4e3525445a04bd66a13948bb3e1ba3369

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              c387b91e6a9ff4195a0bc3beab358331bb414dda86f2355bb37343b4fd33673d

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              1348348385f9a26ddf2400906bccd3e53c21ac3b97f3a2b6ea1eab73def95b8bd780d15f7d9a495d3a8e96260d2696ed0e57b7988eefeb777658df0099001222

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              6cbfb9032293a9ad2e9bc66ddf3ad504

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              15fb5631c2befa1d2ee967c06b59dd2fb8e69c60

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              b84d8f47a9e182ad2ccaf82dedd58aa4a29915ddc95c6a7a01009f3522211b1f

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              535b4706d39d7dfccdd8247ce40952cc8c19b1c9c3679f6ede19a4c2c0085962c2e80874308f2689bd95ffbbb6b974e8c687ad14c05d68caac89a79684709dee

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              adfcc4fa12d540de927760f1bfd9caf9

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              fa3637f3c9b611b55b96b78be5ba6abfdead69c2

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              63202137b41e627250942e3db0d0d573d7d34c13936ecba3c00daec7b1d1e819

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              0b3a036a80a22e69b84eed95b9ee4090780b846dd067d735d1299fe85a199fd48b14c1a5510db3addd250147086fd0052306cad657b6dae588aa2d20733ff78f

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              65f7bba699bc71d8952cbed3a30e79b9

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              d3cc85686a7ef5a05ee0141f4e9cf92fea249364

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              e92ff4bbb652b62ba94ef4794e0cc2b3f56221354dedf987f2b9ead335e40a57

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              66c30e7f2a2e3f309201f9f4dd4782edc9bda10fe763d885ac7fb2cc140b5f874c1f8bc49cfc7136e3779382830478a36b455cfc05f2665b01d46daff3a4930f

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              ac37635650017f7b96d0600f7a58c53b

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              25ad6324093a6c0197a68a6c0c05d3ccdfe6c651

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              0ddd7153bf35880126d298eaff5c5f3a9c47fc070086c87d371c8209e14663f9

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              7c40a2453e865115e450a580ad58b5f6a31246cfc3621619afc7375b05d36b23282ee0fb1398268f6e54964c9a80b79715cf223afebd3530300fef9a6cd794c3

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              c119fcea552462d3c488c3f40775080f

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              5d4c2071adac2a79eda9bd0a013a7d689ec278e5

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              a1c559d51e3789290cd098acdc290b1ad5c6c5d698acc5c5cbb29ce9930ed52f

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              793e765d33504fc2b451286d63545c97488529d92a9dd3680281f1de138d29410dd9d457b9eaeb777aad470e9c846a06a92daa1d732dcbb040cfc29b6d0e8b25

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              0f581ad7c97b972eb021f77b31f377d3

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              354ff694cde6c1a0e68e8572240d495db1402c82

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              daae64da526f92f501b1547c42111c001d108ba563d30ce16067995d55c9ac8d

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              c557b10e0689dc20032e66f03811af36f1c5dab2554bc0e658d052865830beee2796743e400ee53c511b35d1b2747449eacab38fdef4720212a7d2d9ad3e77e1

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              6KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              a6488dc94598bf6b49a18ab85d549547

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              0e3f89ae2f772261c8c6251d557cc9c44a9fa6eb

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              523134673fb0b774d4bf9376360180f63dd838d5e4daf3d08d253c9b0cb49ebe

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              45cc909791d3c903248800d8ffc392335be2e081db62629cf74a6d9e047f972829c5eed01c9ef97840fb71d2e3d5628390ee05cc02529d343cd0acc3a4d5ee7a

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              6KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              262fd88d91a6c3943903c9e40a9c3b9b

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              e466450089a30c7f82a81aa66aa67bd1e1fb932c

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              19c1344ea7ba2bf82207f37d3750afa397a9010deab7ff1c42e03bf7f8e0a28c

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              471c846dbdd5be610a65ee32939ae7591fcdae94d578f9b9e8925641cee6b84ce89da8b5f2f219421d59b802f6fd61581147b19f1d9f4734f1a1b72c462120f9

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              6KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              d42aef7a02e800295680058bf6b624c1

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              3170f6389e449ae354854c838b3ecaf6620561e8

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              17ca17d6a83c80f351d01f3311386c18204a284658d116014577434d410732d0

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              f15480c6c7db54f78ff1aa32deba2cb67c68a14415c5c9868d0b566c5e2cfb332b798527c66b4b86584125bdd8b32dc493d757ff77c3af8cd1052004e1813664

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              7KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              69876e45c3ea871c1732550eb38d98e8

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              82f867f118c5bdbe0deba1f5500b318df2126357

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              8aa87eccafccb117da916309654d8a75bf8f11d377b8f884a153a06c94b1bef2

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              e6882bec41f370436bdcab0e2df8db6b181d570725e543883c439e3def060541bf3fc001b54cb9d34a198fc136f74e7f1ffd27e7d26063531119705d6f8a493d

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              43771fee6c96eb933a1e1d4224a8f4f4

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              be97a238154d6134099276f4887d687d5cd5a523

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              f730b3b5d27e77ff48399aff828323e9d7f58d86b278a81e85daab7462b7dbdd

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              707bef1b8b514039b2eae974d8837a5ac6ea65e453b7eb628a286566a52952a8727b3f3703d78a12b96a6ab783e52d3e2469be0ea13a3d490636bbaec5bb5053

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              07194c5d79d028f26f48b003fb6ca964

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              980bb976c859f6f5fbe4e822dd0754c5523d876d

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              3e8f748beb55dcc88f4cb24d556ded30cc1c8c95980c215e0397824278c0fde6

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              c268c5d6f085f52c0ec20d413c9d66cb5b0fab356c4676ee949779648499869de6d702fd87bc2b2c729fafc26cc09bc02ac31b6ba524c24c5667b0e5b88377a2

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              5KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              356bd52d287c74319f80e9a012043083

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              ce42f37863b0203182f8a32b7c0ed98bb02bdd30

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              02fecce97c39bbfb808cbb94c8d217afa2d52b7072f3980a50440d5d6cb3fcff

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              28da9e83cc83299b4691bb25978bf005b435b598b98360c7eb90270710b3bd793a734f1f3be2e80c5bba3160f75af9da2ff84573fcf9eee17ecbc2adaefed849

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              5KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              a8232381d749c8662b1dbf661c16672e

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              649c96368e1435966cba4e046941a35e242189d6

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              91f29f32177bf5ef1ad62ef544810f16fc3c9a30c234ae1af52c4851d265f6e5

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              0f43139cd184c20a4d1cb1881f228a0a8fbc6322313932c45c46bfd02383c16eafec86ec8551cd681f94213c16369058c407fe33b9c40ca3b90ea6ef6a987719

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              253f3ba6ba1480536f199289b5f0083b

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              07e67858d505a61ea1fde34227dadf785706fdff

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              f5e0aa32178f8c6dfa0db3f305bda8694d7036e4688971fb2f48d5cf1568cc79

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              726a57ebe0670758b75558ce30683347f8269d7f36fe53e58aaa2f22cfad28ae93ab1a82ef1908e01e91e3cb421f8fd3d36feda6ac1bc06aa7c998fd0b2d4c51

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              b26a5a2293b67094f41c90b1158f4bf1

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              5e74653541d460c93afe128c7233e022fda86287

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              ddf59a4ade58f10392a2609685a67691d1f6aa05fa7bf21eeddb4357df866fe7

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              638f56aa93d90ba1691822e486674bbdfb9bde42ce00bd1388e84ce866e32ec4c066beb17deb6e8aeb01e3e8722a7bdb5934f6593323501f59ac9a32ed2cbfc3

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              4b23895b6b5a799274881e999b4a1f65

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              04d23fbb25a72053457a1e45bc07f821d3590f5d

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              e79cc86a80351223574f78365f65a642e7193d993c479d5e7a19d6ded9bd0992

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              fa9b33731c09203c39a4c4cfc234c8cc4482cbb52b4cf67d657c0feb951e4f1e6444a29dbae1f3c1301fab423ef037c1c5ce9bb9e3a43fe524cf113cb152d5a0

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              caaa23ba34182a490c76c7197315388d

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              ccd0db0a24129bb3bd721cc494b42a840c239803

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              9309ba413f508697f1c1dd998310bd175ec4fae5c674f61d7163e66cab90c3e0

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              cfc6e78a461549bbedc5c692ae1735b07f8fc3de533c6547ace4880f4ffbfb69c8a68916a82bca9280b9154515d72e94112bf48b0a4086d499a5c124195b358f

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              64a6f2d59cc79a2bf907ff150953d38a

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              58a4f0f1b41d68e7270cc8e5eb875726ce20aa30

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              e05cba4f98b71c5d31d0247a075982a134c317ca99b2296b5a5f20c71c709364

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              2697325adcdea07463200a7cf03b30a9b7b5361493ae82032ad8430a992715ff3abe6cb205a922f18cbfca08baa1917196ab8435bff0e77d6c0ca533f82f1cfc

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              7KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              115fabf40ebdfc3887c7aa9c211c7a20

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              40a02345a59f7cc9e20f54a55a79309652d93955

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              d54fab5cc533cfe208d418a7ff59cc45e49869ecfc14ec9b92571af227556150

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              3fd54ad537616da469dfa5c847873571f6fcbccd1471bad84036cae7a3921c1e7cd8058a8b4704de2bafea8865f26cec691a03fbe25a99bcba19b5b0221d8f42

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              8KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              49e0a7df536b8af394b8e6cd99089fad

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              a4585e4610f26aa084a1ac686581b7a8ffe8776d

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              4f2dcf4563068aa07b5bcad7d8cce6d3e2f6eec738cc7f59a8e48937c0e56df0

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              79e69cf32651d6616266b46ce6f64e754a6624daadab144348b14cfa1478f60337870215168236423ec02331a28f8b6013a1665a4715f445934c63accc924920

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              22KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              798d5328d7d5c9e4b16261a77323e505

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              d61cab4b2d66821501e5227ef58f7ce493c57d54

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              f821e439c6c00938b34efc7b523fadac17328efe3efec8889f674bfd81d6d6e5

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              2c1128e3dc81cd43e74d212e6febd955e29342460a8c6e82291b7cd262c052be483b2e813a13c85c557bdb95a059e37429b0165a6333304a957c1fa2fb63b2ce

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              22KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              60aa9873edaf4b57c97e4201a87662a5

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              084bad6a18f6a55b3f2b9f5228527ddea2e710d2

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              0ed51a9d87e23942c5a710fb628266c3f1ff7b647adab6b0c10f7c00c099297e

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              3c6860b9976becf87516f921dd48d75641792028949f49845ccb205aea6c08cab59ed5351ff4640180a4f760d149105b3303804657f5eeb128a7b019ad7d1ee3

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              20KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              f143ca9e4770cd659f48f59e2ee3064f

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              5a106ad395f5a0e70ff2d62bfe4028bba2d0ec6b

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              a5b77ddd52a3b63a0fae7fdd60d0a42936659872e4bb70288e3e6c025d741fc1

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              9ae11e52ff2487285330ea40e676f101082196b214bf4afd0da3976cb5849a4ccbd7a09b88d2aac48a379b4d3e19ad960b71440eb4f28a2669f8abb68f1da3f2

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              30KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              ded8ba91ab7985165d5f911d3868aaec

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              312443cbe84d2339f48fb9caa88000252d528f1e

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              444145931e7305c391c5fe98f4a96b6392a02e36df504cbc4ee87c924cad8bee

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              9978270e7dc7619512565828b8b2fbedeed7739325c9559be6fd021d85ab176fcee38d0b1bc19a56e3244f2c059150e770489743456d2688eccdcee2dbbf7cfe

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              21KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              9e1578bedc8cb7bf7e47837c5ae0fbfb

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              5fbfa990b14e8f782cb88f1674a697a0f5588e8f

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              a406ecef090edb04855aa369e7097340b0b322d06324c940c36745746aeaba0b

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              dcddf33a89f2f15e837d068e00081af8b1172968ead00e517ea2a3ae61b288dd1e14297dc929a7234316b1db70c491063884ed346b1419904997bdaf7d0b2fc4

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              21KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              09d12b497aeb5584e5201986ee623267

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              42e6f55158203462f098c05a461f03fa86040382

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              7899ee13b477a84de0f01a9af5e76879eb8baa8211c1005d444aa59fab26f936

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              50bc63140d4e80c021ccb7230297283f730f1e95d6c120f6ab1cf8a519c2ef82e8707ce3d9603f0411656e8df83c6b83c5f771e69525d84c611f276ff25af9d7

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              20KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              21ab35e778ab03d01abfb3de47db3377

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              a1dd74f86f02e431b1cb15f503e4791f771c14a8

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              8c076a6b4922551cf445cdd30c53f44246f45d3ecf3777eeb8ee634bd9d2ab92

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              60d22624066dd97bcce5f4991b37b35cdd2349ea53d46bbfeb0ce38e4730c986902d551bd1038017e895b63dea51bc249dc89ba70108e3b44968b838aad967d8

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              29KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              7075efd08d5318ddc6c34734664fd6a5

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              19e2a625a9999fdd2ab7d38491d241fd78db0655

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              40b001bb3a0702d8caef39cbf19a450cc29485c4061a3dc61c3d8c676dad40b1

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              e8019eafdf4548ef72c51bc399d910638ec253233f323437d51f0f5269c23a0ec4ad6934884d9d657d518389d2770dc794e758dfae468fda813689f4dd96e176

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              21KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              85160932b7b391740d492bb58df7de35

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              52e20ed668861ed6f3e133b8a91fa5899c951499

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              e4e67106e43ff230826ef6838d2bfe4fee55912738a1565187167878cc315147

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              35534b12e5a7e2ee581f3d7080eeb48a690c2be487d43e7ccbeb552f94f5793b687dab609c2f7dafce757f9d3e7a1ec4a706d9e7a82b7275aae92d2eb6a73b29

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              23KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              c2a381593be60970df283454be07d586

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              86a97416cc69b29253cf3d5ad77a6afd85d04d92

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              c0d1b981d89a9facaa01545656d477919e682565d0196f58c2d7ac5c8df8c781

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              dc40169e4a6812c94584e31483b5b9e0531ada19453dd41624827356d689dd6067426f060ec4e8fec93c9bae8596e0ce6e93171cd329b9676bd6f846bda413f4

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              30KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              e0167a4ad9e1d240f613643add436f9e

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              8ea0d32b766f751fbfa7d594a7b5bf8ab641ed7f

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              66bb3a6e073c7f4a4bd9fe6b369f46e6edfc781a18f41e1d0b9fcdac09633e11

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              a61d7cdf5da88277a6d66a055824d060d82b7ae25092c555314177e60943d6804fbb72b3a3cf15981e47f60a5e79b6495545e9d50aa038acc7076ce07f9e3dc5

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              41B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              72B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              c8e1826e3a283071611ae339fcaf3db1

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              161c40981fc4f0f6a01a71e496b240ba9dfc1cef

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              5d242d33b336409d463f0ab2fe081e1e3a39daf6519e86e61f0ffd3498eaac27

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              ed8ea5957dfffa7f0e96d0f802a5f37c3747879254851a78ffb63fae12cbffccb03df393b2a9d48f1cb1fa80eac3ff49866d8d33cc03de731c980179906bf8b3

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe666a1b.TMP
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              48B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              f3e7ed6d6e0127774774afb5fa54edba

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              4924fccb716dc4f5d97c1dc30f4bff0aca5c703f

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              0d1799c4c3e2cb36be937eada64bb535f12d795d460aa34c788c2d70645120fb

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              9cef8ecd1ddf77d10a7ec42924689ca6a85e4b137d5d5fc4dd4167e4464c1d505d1155f22f40da549bff24c074ef81f426a0518b30dffc1cbe57b0abf917fa7d

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\2\CacheStorage\index.txt
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              74B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              374e59d5f81d4a38553218f6f4b85a84

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              970fec6bfd365f06fb8f41cc735db488e3149ed9

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              13b71108b56c61caef407caf23ff15edc4feffdad1bd80723bfa4c40caed4567

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              73c92417b3a4238ae54f2d74f27a08f43b133743b3173a6ae7be01d56146b79ca6cf23994bffee4afadba3e924f0bdc6ce2362a48fbc51665af1ff6ecbb22fff

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe6612c4.TMP
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              138B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              57a8f767d16280a6ff870024366c051e

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              0920723deef63764ddccb8881632657743cc03e7

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              b560c3508100590149e3868250f7f66237553c61d31b194631bfecd8311d4666

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              55cf7f9a5da288290e25ba5a6a559dc8cc920e62c3bfae3a0ce495ce0f29be254b2dce5a8ddfa5459adb8187b8b24157ff31c9b40c30f31a45830a91b32af167

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\2\IndexedDB\indexeddb.leveldb\CURRENT
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              16B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              46295cac801e5d4857d09837238a6394

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\4\IndexedDB\indexeddb.leveldb\MANIFEST-000001
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              23B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              3fd11ff447c1ee23538dc4d9724427a3

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              1335e6f71cc4e3cf7025233523b4760f8893e9c9

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              112KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              684533914d73b02a101c20924b39b8ab

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              90f368898f86fb2733cd92633f898959e3303090

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              1237291f9583cf1b52e8407e6fc7f9b4c6af6a3969b549caa4f76101e0df430e

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              bd04cff89502f96db938fdb4aebb2c49bb9654a28820c93726a8da96d6255924c7b06a74fdddc21bbc2741b35464552b38d6575e6e64df837cd8d3084f0f13f3

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              112KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              9ee4d3a49ef880a88d95d2e9eb47d5cf

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              49e4d3b809d8dfa71f6164088eccbdbf5af01b5f

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              76e7d00b4d2f2d3b06ffa1a2e2c5f9551f4ce2b0e220f10d93aa5247ba0a65b8

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              48f3e3c273b0bb750b060fffc9b3a2e4b17ac768375dbd46340adaed86b6a5850f49ebb2f364fc7b87e1303e601e6b7268b4f8f2a5c2d704d3d21dd0bee143aa

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              107KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              8a7f4bb801aea16566340f70655540e3

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              745f4bab5556dbea55309c56fddbeb8eb307a07e

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              231d7156bfdda9ba82fa53c6edb137ec0875c21eec9a2851da7851b8831cb0b9

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              b7fd14116b2bcb9dbe3938f6e2e1457323a574694acee49b9971ff5850878e67f7568877a4e5c5c33c327f9654d5a9a3ea8c75aca3e497615a82392050e53160

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              112KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              c2b80a0f30c5af44ce6d96095b293631

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              6ed6d17115ec9b2b4e4823930bee38238d0b57d1

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              40def2fb193ba036b28d02cfe38262101c008f5f67181fa0a848e06f12e2e3a9

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              c51a735c3845d1a43446e90dc1ff286e9c3741684fae02933a22233dbc00fb1ab566cb3b10366758bc72872d12c6793d5c9635c05d88d8d25ce6d1a1bb062224

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              112KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              d97c4b21ad88155ce7d60685b3765c60

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              9ab70a5720a7824467729a31f6483ace9b60828a

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              ca42de57c718a7b14c44253645c1d6f7dc403a5b6efbef5f605517edacbe0b1c

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              ca444d9f0a411479b9dfaaaab89ef0c1bc5327edefaf2caade4d156b31543cffd2882be849e9ebaa3afdf37c5c87f01a5bea423c09a3e7153090add5b892d4f8

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              112KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              a5b4cae3f372c7b2394a438dedb02a82

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              a66da1c4441a145a6eb08a931f764777ea3fca02

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              5ff485d33df6d6d3301170663dae92d70c28998862769a232ba3894d9da45f04

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              f707f1e712446601f9906affb99a26190ab5d56906164f906be20f81025c36bdeba1708b613c70ee42610b2a5d65f6773d3af0bd4b3b0bfcbb0bbf24d71fbc55

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              112KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              242b594fe799ce738a86ee40979ce2cf

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              18ad44701de887ac42a5a2b53528849fad53eb61

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              b7c2f98f8894d25797083ba646b3c87ec60bbacb48b4752f676da1ff4f0773b5

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              d5a2a611eadb1774330db64b1af095e6dfc5eb7667c56c11724e15b3a8085df49c1a990d857fa652fb4b5bead0dedfc9c90d3f409630169ac828572258ea3407

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              112KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              8c3cc9e5451d9e1e37903d6f4871d9d0

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              9a9267cc07119a0bd9b32672a4121b915eb9b230

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              bbf52973ff8c4a825b2bcc529e4aa5466134eec128731ae9ff3ad8eab23076d1

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              cb5a26e16a7afbc3e45220f8144aa8d2074a098251467fa7be3dbcb7cea0791b0e8a83b0d8f524313dce9e91b4d425039143453b14b1dfabe6e4a1154b9eaddc

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              112KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              3c90c13831dd932fe8e55f69f33279d8

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              867c418b00eb9e8175bec8a79e1fff9ad64b4511

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              daf9c2c937a94200a6c8d4437c525499153bd8c72ea92c62ad2e32be6d3664bd

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              9a53d628882801c214cc0be9897ec065b81d80dabcbc4fa0f57a0174fd5154f9ba91811101d742564250ffbc7db1be73fefe3a27083521d68c6f2b4c6da0c2d2

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              112KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              d3cac33363eb5fa07cf4572fa8b89bbc

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              aed76716532d223fb34da9177fe76639c10cda9b

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              b0a799f9c016fffe624ca935b244987ffd760ba32f40bba190ecb05bb3b6b7fa

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              9dcfe42e95dedbccb2ba2d4786aa8658d941f3fd3f719904fac9a9c16692b4d335052de6f17a0a2eeab0dcc4a130af7b9cb8148bf8bbb3e09002c339c674f1e2

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              112KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              3ac39698f51e458c5555867246547401

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              1a5c62525038616acc03086daa9fb2ef05522ced

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              aa79f146036a8cd8b3148838c29fafd115d99413e454c7be521d0de13ffc30a5

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              73be9200827dec077f838ff8cce2965fc0427bba4ee3a8ad725da473b57bd2d0930d75f18dcc2b8f4cb64eb8b7ebf4ae14c5752df9108b4aacf68c994eeec002

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              112KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              cff6ff217a2e50d63c8e5b86cd58d39c

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              55691c281481cc2703893c6c576ad58642511c9c

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              f1a0f1d7a2d38ae587aa2e17298b9c69fabc7674c57734bf2e55be82c3667bd1

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              7e3a20983a11ba6c200d7e18f748322aa944b707fa8b706693ec6fb51f598eb04d38336d30659b6af9171ff6174f5aeb6252221a176a9ce940d5d270f393e059

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              111KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              4462963ff39723eb8985dddc16adee89

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              0eb2f93a25aa955bf41ae3913dc694af0155cec9

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              68a09258ca865d089c5f9f7c9f57a88bbcb814710ebc172beb267edf9d252c20

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              9e149390b623e9aa67140998911b211b33edb7cb5e6adfae4fa1af08d000e614446014c14f9c54f4a620f11e18278fae85a4ab46fd02dcba062e927b58bb5859

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              112KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              d3927f6cddca1563c93cd070caf86893

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              b942d05f5aa357d4ddd28f2ccabc442ccf2dd393

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              e19fbccddb261a37a8096b54c3fcb93f081e55acfd755533ed84bec5851f6922

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              a4f78219483baca21610bcc5e0ce5e2b9ad40086016aabd005e28caa47f38a6382ead1802a133540b12b577c6f8f2af011e4507d12bd5524949f8c9c2cc9769f

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              112KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              a75826c5ba94ac7de3a925d8783d67cc

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              d1e6b4dd62585391bedccf6b99bd0b608107ca2e

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              d2a4fcfc7b6c0c88ee7d3a52e766a47235391d494996a157f6eed0df4e30dbd2

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              488af0f33f0b3c875c1d342fddcb4f3002b18e18b4fd51cf793eb7c4544587eb6c26bc91acc137676591e2880ac34638a64322a8fd944011f670e18480525190

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              112KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              507342a70a3449f6344e85129ebfefe7

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              daacdea883ae98a1389c274d53465090155e22a6

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              95e06dbfdecd47e82fc1d813fe2a8547a32a77f757040c94daf2c9bda0674a3c

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              5fd8a65bf9317505b264731cf0355338a39227651313a8b9a3da258d547c80d11dfd0bd99429779bf34213a2655ba7fd7e4e8c1cf7629ca8dde4b79ceddc2d7b

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\downloadCache
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              14B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              df741b3f19d9dc2621eaf973c8c9fa9d

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              f45f1d9791c05366a8a23322d497c89957e75e61

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              6e5ddba6d7aa3b287ea364034e1f843e4146ff92c07d8426f4a7c4b0e6435006

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              650de3f99038bffbfef41a9acc0a06e15803550c6456d0bdeac9ebe18aea94ab3a0bb7d85b7a0230ce6f510f5e26fa739fe58924f355d7e3714ec37daa4c70d2

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\downloadCache_
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              209B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              34dcc886e0b63cbeaca75a96f732f171

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              ebdfec0f9a28e4ce273f734199a08399cd2e13e2

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              c4f83a1c73d3cbc1d9c8e007426e62ecc360a2c3734acd397a9934b440fb29e9

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              8d938122e2c517b9d1a0d6bcf5cc571792e57aebc181b2c095e3bf1ddfda2f822424c0b0484cdbe6de830d9000196c1a232e606d0a17dfec7fecc4a0217a9b42

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              9B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              b6f7a6b03164d4bf8e3531a5cf721d30

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              a2134120d4712c7c629cdceef9de6d6e48ca13fa

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              3d6f3f8f1456d7ce78dd9dfa8187318b38e731a658e513f561ee178766e74d39

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              4b473f45a5d45d420483ea1d9e93047794884f26781bbfe5370a554d260e80ad462e7eeb74d16025774935c3a80cbb2fd1293941ee3d7b64045b791b365f2b63

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\$inst\2.tmp
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              36B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              8708699d2c73bed30a0a08d80f96d6d7

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              684cb9d317146553e8c5269c8afb1539565f4f78

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              a32e0a83001d2c5d41649063217923dac167809cab50ec5784078e41c9ec0f0f

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              38ece3e441cc5d8e97781801d5b19bdede6065a0a50f7f87337039edeeb4a22ad0348e9f5b5542b26236037dd35d0563f62d7f4c4f991c51020552cfae03b264

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\$inst\temp_0.tmp
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              176KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              bc82784f4aa47bcfed93e81a3b9950f2

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              f5f2238d45733a6dde53c7b7dfe3645ee8ae3830

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              dd47684334f0a2b716e96f142e8915266d5bc1725853fd0bdc6d06148db6167f

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              d2378f324d430f16ce7dcf1f656b504009b005cdb6df9d5215fe0786c112e8eba8c1650a83192b6a9afad5892a1a456714665233f6767765619ccb5ff28e2b8a

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\DOWNLO~1\DanaBot.dll
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              2.4MB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              7e76f7a5c55a5bc5f5e2d7a9e886782b

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              fc500153dba682e53776bef53123086f00c0e041

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              abd75572f897cdda88cec22922d15b509ee8c840fa5894b0aecbef6de23908a3

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              0318e0040f4dbf954f27fb10a69bce2248e785a31d855615a1eaf303a772ad51d47906a113605d7bfd3c2b2265bf83c61538f78b071f85ee3c4948f5cde3fb24

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\Desktop\download.jpg
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              11KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              56fbf19f51071d88589689128bc6f5a9

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              ca772217244ade7980e00b9a42d34852c7715ff4

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              da60e792825f395803f4b428dd29446c459a1de8cfcafec7044cdeb31418073a

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              60be78d3d16344f3758f31bdba2066169caa54debb1b10768543b0842cb8db3d8c570a198be42de54961e639663eca331673f0f5434b1066bf2ab2c6f2ca03cc

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\Downloads\Lacon.exe
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              12KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              cb0f7b3fd927cf0d0ba36302e6f9af86

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              32bdc349a35916e8991e69e9be1bd2596b6321cc

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              9b3f73a12a793d1648f3209e1e3f10bbb548b1ec21d53b8ac060b7b95ae4ef1f

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              e6152f3645d73c63f3f3aa9881fe8b404f9794b14a8ecaea659621828462baf042c13c88bb7f2c32277fa854ceda3056d09aa5603e92b107c6c8194464154252

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\Downloads\MEMZ.exe
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              14KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              19dbec50735b5f2a72d4199c4e184960

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              6fed7732f7cb6f59743795b2ab154a3676f4c822

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              a3d5715a81f2fbeb5f76c88c9c21eeee87142909716472f911ff6950c790c24d

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              aa8a6bbb1ec516d5d5acf8be6863a4c6c5d754cee12b3d374c3a6acb393376806edc422f0ffb661c210e5b9485da88521e4a0956a4b7b08a5467cfaacd90591d

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\Downloads\Unconfirmed 221754.crdownload
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              2.7MB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              48d8f7bbb500af66baa765279ce58045

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              2cdb5fdeee4e9c7bd2e5f744150521963487eb71

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              db0d72bc7d10209f7fa354ec100d57abbb9fe2e57ce72789f5f88257c5d3ebd1

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              aef8aa8e0d16aab35b5cc19487e53583691e4471064bc556a2ee13e94a0546b54a33995739f0fa3c4de6ff4c6abf02014aef3efb0d93ca6847bad2220c3302bd

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\Downloads\Unconfirmed 36062.crdownload
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              396KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              13f4b868603cf0dd6c32702d1bd858c9

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              a595ab75e134f5616679be5f11deefdfaae1de15

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              cae57a60c4d269cd1ca43ef143aedb8bfc4c09a7e4a689544883d05ce89406e7

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              e0d7a81c9cdd15a4ef7c8a9492fffb2c520b28cebc54a139e1bffa5c523cf17dfb9ffe57188cf8843d74479df402306f4f0ce9fc09d87c7cca92aea287e5ff24

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\Downloads\Unconfirmed 386258.crdownload
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              125KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              ea534626d73f9eb0e134de9885054892

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              ab03e674b407aecf29c907b39717dec004843b13

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              322eb96fc33119d8ed21b45f1cd57670f74fb42fd8888275ca4879dce1c1511c

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              c8cda90323fd94387a566641ec48cb086540a400726032f3261151afe8a981730688a4dcd0983d9585355e22833a035ef627dbd1f643c4399f9ddce118a3a851

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\Downloads\Unconfirmed 533131.crdownload
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              22KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              53df39092394741514bc050f3d6a06a9

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              f91a4d7ac276b8e8b7ae41c22587c89a39ddcea5

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              fff0ccf5feaf5d46b295f770ad398b6d572909b00e2b8bcd1b1c286c70cd9151

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              9792017109cf6ffc783e67be2a4361aa2c0792a359718434fec53e83feed6a9a2f0f331e9951f798e7fb89421fdc1ac0e083527c3d3b6dd71b7fdd90836023a0

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\Downloads\Unconfirmed 587916.crdownload
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              33KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              94ec47428dabb492af96756e7c95c644

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              189630f835f93aaa4c4a3a31145762fcbbb69a32

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              0ae040287546a70f8a2d5fc2da45a83e253da044bf10246ae77830af971b3359

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              deff74df45328126ac4b501fc6a51835eeb21efa4ae6623328797d41caef6a247b47fc1c245fc8f1d434c0eea3b7c2801b65ed4957e91a50e7b73522502e0454

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Users\Admin\Downloads\Unconfirmed 895145.crdownload
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              72KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              da9dba70de70dc43d6535f2975cec68d

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              f8deb4673dff2a825932d24451cc0a385328b7a4

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              29ceeb3d763d307a0dd7068fa1b2009f2b0d85ca6d2aa5867b12c595ba96762a

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              48bbacb953f0ffbe498767593599285ea27205a21f6ec810437952b0e8d4007a71693d34c8fc803950a5454738bea3b0bafa9ff08cd752bf57e14fedf4efb518

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Box.exe
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              438KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              1bb4dd43a8aebc8f3b53acd05e31d5b5

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              54cd1a4a505b301df636903b2293d995d560887e

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              a2380a5f503bc6f5fcfd4c72e5b807df0740a60a298e8686bf6454f92e5d3c02

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              94c70d592e806bb426760f61122b8321e8dc5cff7f793d51f9d5650821c502c43096f41d3e61207ca6989df5bfdbff57bc23328de16e99dd56e85efc90affdce

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Free YouTube Downloader.exe
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              153KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              f33a4e991a11baf336a2324f700d874d

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              9da1891a164f2fc0a88d0de1ba397585b455b0f4

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              a87524035509ff7aa277788e1a9485618665b7da35044d70c41ec0f118f3dfd7

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              edf066968f31451e21c7c21d3f54b03fd5827a8526940c1e449aad7f99624577cbc6432deba49bb86e96ac275f5900dcef8d7623855eb3c808e084601ee1df20

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\Free Youtube Downloader\Free Youtube Downloader\Uninstall.exe
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              110KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              ab648a0df4fe7a47fe9d980c545b065d

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              ce28ea7dd117289daf467467a592bc304c72d4e6

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              905a849721ec95ab08754aeee9a60b3ed435d36962466fcbe5cfca63dfc455cd

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              7ae99da55fbf1c31c5281e5f4e10ab2bc33b89effeee82b574eb4b60541c5ea2913d5d99836608873da372c78e75436ae7e535568f48d81cb9dd26d2cc1b3a8c

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\SysWOW64\Bndt32.txt
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              54B

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              e8744d83bd2476be93a2edcdd244538b

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              22ffcc3d10de71e7ed7ae5a272ae195dd0e9a117

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              d23b3db3027d6f901104d374f254d1296f2ca68dde0bc52b5b60e1305876b7c7

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              e71ce02064fa90fed302b5787eb38ff12de610327da1b7d037310183e36c57ef17e3e604be23cca6a0636c03a153505b320d3fd4db9e51ec629787be885531ce

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • C:\Windows\SysWOW64\shimgapi.dll
                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              8750df7c3d110ebc870f7afe319426e6

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              a770fff05a829f666517a5f42e44785d6f0b4ae7

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              fa3f934083746a702de18b927284f0145d4b82a92f2111693e93a4f762b50c00

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              dfcbc2ba358ec40143e842d5242781a59943e646f50c41010a8cc4e2c5a15d5b19dcd2ee9556a0317ca73283e84d1f9d1b0b8b7470b493fe38e4e027336b8a2a

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • \??\pipe\crashpad_5596_RELFOLRXKRDZLFWP
                                                                                                                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                                                                                                                              d41d8cd98f00b204e9800998ecf8427e

                                                                                                                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                                                                                                                              da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                                                                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                                                                                                                              e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                                                                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                                                                                                                              cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                                                                                                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                                                                                                                                            • memory/924-689-0x0000000000400000-0x000000000040E000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              56KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/1540-533-0x0000000000400000-0x000000000069A000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              2.6MB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/1540-506-0x0000000002B10000-0x0000000002D9D000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              2.6MB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/1540-505-0x0000000002890000-0x0000000002B0A000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              2.5MB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/1540-532-0x0000000002B10000-0x0000000002D9D000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              2.6MB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/1540-516-0x0000000000400000-0x000000000069A000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              2.6MB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/1540-531-0x0000000000400000-0x0000000000AAD000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              6.7MB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/1972-918-0x00000000004A0000-0x00000000004AD000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              52KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/2760-1010-0x0000000000400000-0x0000000000454000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              336KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/3360-1469-0x0000000005500000-0x0000000005592000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              584KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/3360-1468-0x0000000005A10000-0x0000000005FB4000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              5.6MB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/3360-1472-0x00000000056B0000-0x00000000056BA000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              40KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/3360-1467-0x0000000000A90000-0x0000000000B04000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              464KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/3436-559-0x0000000000400000-0x000000000066B000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              2.4MB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/3436-542-0x0000000000400000-0x000000000066B000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              2.4MB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/3996-687-0x0000000000400000-0x000000000040E000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              56KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/3996-623-0x0000000000400000-0x000000000040E000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              56KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/5192-535-0x0000000000400000-0x0000000000AAD000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              6.7MB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/5212-702-0x0000000000400000-0x000000000040E000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              56KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/5360-706-0x0000000000400000-0x000000000040E000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              56KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/5360-674-0x0000000000400000-0x000000000040E000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              56KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/5468-1006-0x0000000000400000-0x0000000000454000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              336KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/5468-1008-0x0000000000400000-0x0000000000454000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              336KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/5624-1120-0x000001A5D64A0000-0x000001A5D64CE000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              184KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/6036-906-0x00000000004A0000-0x00000000004AD000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              52KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/6036-909-0x000000007E1A0000-0x000000007E1A7000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              28KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/6036-911-0x00000000004A0000-0x00000000004AD000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              52KB

                                                                                                                                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                                                                                                                                            • memory/6036-913-0x000000007E1A0000-0x000000007E1A7000-memory.dmp

                                                                                                                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                                                                                                                              28KB

                                                                                                                                                                                                                                                                                                                                                              Download