hxxps://mega[.]nz/file/8zdVADbQ#zgBChae6OAWDlXIIXvyN2uTShbQUcxQkIfMD9eQhdQM

max time kernel
722s
max time network
732s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
26/08/2024, 22:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://mega.nz/file/8zdVADbQ#zgBChae6OAWDlXIIXvyN2uTShbQUcxQkIfMD9eQhdQM

Score

6^/10

discovery motw phishing

Malware Config

Signatures

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc
215	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 12 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies registry class 64 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	notepad.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	NOTEPAD.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\SniffedFolderType = "Generic"	NOTEPAD.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	NOTEPAD.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\SniffedFolderType = "Generic"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	NOTEPAD.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	NOTEPAD.EXE
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1\0	notepad.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	notepad.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings	OpenWith.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202	NOTEPAD.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a000000a000000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	notepad.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	notepad.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	NOTEPAD.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	NOTEPAD.EXE
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell	NOTEPAD.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings	notepad.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupView = "0"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1\0	NOTEPAD.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4"	NOTEPAD.EXE
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3761892313-3378554128-2287991803-1000\{F6E7534A-4648-4B74-B41B-C9B480B503FC}	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	NOTEPAD.EXE
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1	NOTEPAD.EXE
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1	msedge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1\0	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	NOTEPAD.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1"	notepad.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1	NOTEPAD.EXE
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell	NOTEPAD.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	NOTEPAD.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0000000001000000ffffffff	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings	firefox.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	NOTEPAD.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0"	NOTEPAD.EXE
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1\0	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3761892313-3378554128-2287991803-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	msedge.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\nexus.zip:Zone.Identifier	msedge.exe

Opens file in notepad (likely ransom note) 3 IoCs

ransomware

pid	Process
2748	NOTEPAD.EXE
1908	NOTEPAD.EXE
5088	NOTEPAD.EXE

Suspicious behavior: EnumeratesProcesses 23 IoCs

pid	Process
1672	msedge.exe
1672	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
1840	msedge.exe
1840	msedge.exe
1920	identity_helper.exe
1920	identity_helper.exe
2260	msedge.exe
2260	msedge.exe
6140	msedge.exe
6140	msedge.exe
6140	msedge.exe
6140	msedge.exe
5556	msedge.exe
5556	msedge.exe
3308	msedge.exe
3308	msedge.exe
4608	msedge.exe
4608	msedge.exe
5116	msedge.exe
5116	msedge.exe

Suspicious behavior: GetForegroundWindowSpam 2 IoCs

pid	Process
2748	NOTEPAD.EXE
3308	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: 33	1112	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1112	AUDIODG.EXE
Token: SeDebugPrivilege	4832	firefox.exe
Token: SeDebugPrivilege	4832	firefox.exe
Token: 33	5924	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	5924	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 60 IoCs

pid	Process
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
3304	msedge.exe
3304	msedge.exe
3308	msedge.exe
3308	msedge.exe
3308	msedge.exe
3308	msedge.exe

Suspicious use of SendNotifyMessage 18 IoCs

pid	Process
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3308	msedge.exe
3308	msedge.exe
3308	msedge.exe
3308	msedge.exe

Suspicious use of SetWindowsHookEx 36 IoCs

pid	Process
2820	OpenWith.exe
2820	OpenWith.exe
2820	OpenWith.exe
2820	OpenWith.exe
2820	OpenWith.exe
2820	OpenWith.exe
2820	OpenWith.exe
2820	OpenWith.exe
2820	OpenWith.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
4832	firefox.exe
5732	notepad.exe
5732	notepad.exe
6028	OpenWith.exe
1908	NOTEPAD.EXE
1908	NOTEPAD.EXE
1908	NOTEPAD.EXE
1908	NOTEPAD.EXE
5760	OpenWith.exe
792	OpenWith.exe
2748	NOTEPAD.EXE
2748	NOTEPAD.EXE
2748	NOTEPAD.EXE
3308	msedge.exe
3308	msedge.exe
3308	msedge.exe
3308	msedge.exe
3308	msedge.exe
4608	msedge.exe
4608	msedge.exe
4608	msedge.exe
5116	msedge.exe
5116	msedge.exe
5116	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3304 wrote to memory of 3864	3304	msedge.exe	79
PID 3304 wrote to memory of 3864	3304	msedge.exe	79
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 2228	3304	msedge.exe	80
PID 3304 wrote to memory of 1672	3304	msedge.exe	81
PID 3304 wrote to memory of 1672	3304	msedge.exe	81
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82
PID 3304 wrote to memory of 3368	3304	msedge.exe	82

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://mega.nz/file/8zdVADbQ#zgBChae6OAWDlXIIXvyN2uTShbQUcxQkIfMD9eQhdQM
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffee69a3cb8,0x7ffee69a3cc8,0x7ffee69a3cd8
  2⤵
  PID:3864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1948 /prefetch:2
  2⤵
  PID:2228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2384 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2692 /prefetch:8
  2⤵
  PID:3368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:4264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:4160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5016 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:1224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
  2⤵
  PID:3328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
  2⤵
  PID:488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
  2⤵
  PID:4684
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5592 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5276 /prefetch:8
  2⤵
  PID:4252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
  2⤵
  PID:2760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5848 /prefetch:8
  2⤵
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:2260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2932 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4816 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1724 /prefetch:1
  2⤵
  PID:388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5492 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:5556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1
  2⤵
  PID:5768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
  2⤵
  PID:3096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6476 /prefetch:1
  2⤵
  PID:3808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:2196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6836 /prefetch:1
  2⤵
  PID:4960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6456 /prefetch:1
  2⤵
  PID:1448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6804 /prefetch:1
  2⤵
  PID:5616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
  2⤵
  PID:3580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1
  2⤵
  PID:5908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6968 /prefetch:1
  2⤵
  PID:5008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6612 /prefetch:1
  2⤵
  PID:1736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7364 /prefetch:1
  2⤵
  PID:5760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7412 /prefetch:1
  2⤵
  PID:5764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7300 /prefetch:1
  2⤵
  PID:3812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7876 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8224 /prefetch:1
  2⤵
  PID:4552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1
  2⤵
  PID:4040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8284 /prefetch:1
  2⤵
  PID:5696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7340 /prefetch:1
  2⤵
  PID:1448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7380 /prefetch:1
  2⤵
  PID:832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8720 /prefetch:1
  2⤵
  PID:5004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8868 /prefetch:1
  2⤵
  PID:4720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8348 /prefetch:1
  2⤵
  PID:2960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7864 /prefetch:1
  2⤵
  PID:5664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9408 /prefetch:1
  2⤵
  PID:1596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9276 /prefetch:1
  2⤵
  PID:4936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9348 /prefetch:1
  2⤵
  PID:248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10048 /prefetch:1
  2⤵
  PID:3336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10180 /prefetch:1
  2⤵
  PID:5776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9916 /prefetch:1
  2⤵
  PID:3896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=10600 /prefetch:8
  2⤵
  PID:2640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7296 /prefetch:1
  2⤵
  PID:5556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9380 /prefetch:1
  2⤵
  PID:5148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10100 /prefetch:1
  2⤵
  PID:792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
  2⤵
  PID:4320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6744 /prefetch:1
  2⤵
  PID:2712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8920 /prefetch:1
  2⤵
  PID:3464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7924 /prefetch:1
  2⤵
  PID:4628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10592 /prefetch:1
  2⤵
  PID:5148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9740 /prefetch:1
  2⤵
  PID:3036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9724 /prefetch:1
  2⤵
  PID:5436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9316 /prefetch:1
  2⤵
  PID:1244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10228 /prefetch:1
  2⤵
  PID:1388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8364 /prefetch:1
  2⤵
  PID:4640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8236 /prefetch:1
  2⤵
  PID:2212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8308 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7392 /prefetch:1
  2⤵
  PID:5264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7896 /prefetch:1
  2⤵
  PID:5856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7572 /prefetch:1
  2⤵
  PID:6132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7868 /prefetch:1
  2⤵
  PID:2396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7668 /prefetch:1
  2⤵
  PID:3932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10176 /prefetch:1
  2⤵
  PID:6000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9728 /prefetch:1
  2⤵
  PID:5188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10384 /prefetch:1
  2⤵
  PID:5152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6808 /prefetch:1
  2⤵
  PID:2060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7772 /prefetch:1
  2⤵
  PID:6044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7824 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9596 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of SetWindowsHookEx
  PID:4608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9012 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of SetWindowsHookEx
  PID:5116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9420 /prefetch:1
  2⤵
  PID:5956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9232 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10100 /prefetch:1
  2⤵
  PID:5672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7944 /prefetch:1
  2⤵
  PID:6016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7928 /prefetch:1
  2⤵
  PID:1352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9632 /prefetch:1
  2⤵
  PID:5000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6616 /prefetch:1
  2⤵
  PID:6032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6568 /prefetch:1
  2⤵
  PID:5476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8928 /prefetch:1
  2⤵
  PID:2876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8944 /prefetch:1
  2⤵
  PID:1096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8228 /prefetch:1
  2⤵
  PID:2332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10300 /prefetch:1
  2⤵
  PID:460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7820 /prefetch:1
  2⤵
  PID:828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7032 /prefetch:1
  2⤵
  PID:3412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10704 /prefetch:1
  2⤵
  PID:1032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8084 /prefetch:1
  2⤵
  PID:4748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9084 /prefetch:1
  2⤵
  PID:5156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,15527990091249924585,8147289557915618987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7800 /prefetch:1
  2⤵
  PID:4684

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1064

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3144

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004BC 0x00000000000004D0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1112

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1996

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_nexus.zip\nexus\proxies.txt
1⤵
- Modifies registry class
- Opens file in notepad (likely ransom note)
- Suspicious use of SetWindowsHookEx
PID:1908

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_nexus.zip\nexus\Trans error.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:5088

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_nexus.zip\nexus\combo.txt
1⤵
- Modifies registry class
- Opens file in notepad (likely ransom note)
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2748

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Suspicious use of SetWindowsHookEx
PID:2820
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\Admin\AppData\Local\Temp\Temp1_nexus.zip\nexus\Colorful.Console.dll"
  2⤵
  PID:2896
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url C:\Users\Admin\AppData\Local\Temp\Temp1_nexus.zip\nexus\Colorful.Console.dll
    3⤵
    - Checks processor information in registry
    - Modifies registry class
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of SetWindowsHookEx
    PID:4832
  - - C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1932 -parentBuildID 20240401114208 -prefsHandle 1836 -prefMapHandle 1828 -prefsLen 23678 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2831a8de-e092-4354-a8fd-4e266dcc69b9} 4832 "\\.\pipe\gecko-crash-server-pipe.4832" gpu
      4⤵
      PID:2384
  - - C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2368 -parentBuildID 20240401114208 -prefsHandle 2360 -prefMapHandle 2356 -prefsLen 24598 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {49772037-985d-4ca4-a036-2a8432b85e11} 4832 "\\.\pipe\gecko-crash-server-pipe.4832" socket
      4⤵
      Checks processor information in registry
      PID:3284
  - - C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3200 -childID 1 -isForBrowser -prefsHandle 3224 -prefMapHandle 3068 -prefsLen 24739 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {586c2c81-b9f6-4126-b857-5b819d098b1a} 4832 "\\.\pipe\gecko-crash-server-pipe.4832" tab
      4⤵
      PID:4732
  - - C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3560 -childID 2 -isForBrowser -prefsHandle 3552 -prefMapHandle 3544 -prefsLen 29088 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {53ab7bd9-6802-405f-891a-7a4ab30af0c1} 4832 "\\.\pipe\gecko-crash-server-pipe.4832" tab
      4⤵
      PID:3944
  - - C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4796 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4736 -prefMapHandle 4716 -prefsLen 29088 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cc870744-eb6e-43d0-a11b-95a335bfbb3e} 4832 "\\.\pipe\gecko-crash-server-pipe.4832" utility
      4⤵
      Checks processor information in registry
      PID:3096
  - - C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5588 -childID 3 -isForBrowser -prefsHandle 5616 -prefMapHandle 5604 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aac25e2e-4f0b-452e-a16d-6237f56b5330} 4832 "\\.\pipe\gecko-crash-server-pipe.4832" tab
      4⤵
      PID:4936
  - - C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5772 -childID 4 -isForBrowser -prefsHandle 5532 -prefMapHandle 5456 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6a66fd1e-8216-4a8d-a941-9c9c659ed043} 4832 "\\.\pipe\gecko-crash-server-pipe.4832" tab
      4⤵
      PID:5148
  - - C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5892 -childID 5 -isForBrowser -prefsHandle 5968 -prefMapHandle 5964 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {26fb3b6e-4438-4ced-b96a-fefeec6185a7} 4832 "\\.\pipe\gecko-crash-server-pipe.4832" tab
      4⤵
      PID:5160

C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe"
1⤵
PID:2076
- C:\Windows\system32\notepad.exe
  notepad
  2⤵
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:5732

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:6028

C:\Windows\System32\DataExchangeHost.exe
C:\Windows\System32\DataExchangeHost.exe -Embedding
1⤵
PID:5436

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Suspicious use of SetWindowsHookEx
PID:5760

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:792

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004BC 0x00000000000004D0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:5924

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4c3889d3f0d2246f800c495aec7c3f7c

SHA1
dd38e6bf74617bfcf9d6cceff2f746a094114220

SHA256
0a4781bca132edf11500537cbf95ff840c2b6fd33cd94809ca9929f00044bea4

SHA512
2d6cb23e2977c0890f69751a96daeb71e0f12089625f32b34b032615435408f21047b90c19de09f83ef99957681440fdc0c985e079bb196371881b5fdca68a37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c4a10f6df4922438ca68ada540730100

SHA1
4c7bfbe3e2358a28bf5b024c4be485fa6773629e

SHA256
f286c908fea67163f02532503b5555a939f894c6f2e683d80679b7e5726a7c02

SHA512
b4d407341989e0bbbe0cdd64f7757bea17f0141a89104301dd7ffe45e7511d3ea27c53306381a29c24df68bdb9677eb8c07d4d88874d86aba41bb6f0ce7a942c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
93KB

MD5
58898bd36c0cf1717e44676064150502

SHA1
c76f128524936d5e428b017c265e61a34163ef87

SHA256
bcb66b425cc3dcdd73829883ab9a8516248c21549d7551e4295d0029e9633705

SHA512
b97d83c57d20e32317853fa0eb6af7e3dd8dee84967a36498e65f07c55cd18ba1b017f6c9e11237f025104ed254a00488a00f0a91f7bbdb267cbb9fb6b9005f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
112KB

MD5
e3280e687ddbde57ca1cc07a5d26908a

SHA1
67eb644bbb09f272eae72c6fa4e6772ffa66b175

SHA256
ccf160bd42a057dc544fd0f817c0ac91269ca878c11704d915740a6aaf2b164f

SHA512
d430c6fa4405969a6defb70d16574f5323073bc4174ed0d6f8305ed617f6c179b32e158ac116e44f199f0aafc641883f86f1d45362605f8cfe5ca34b6afb0dbf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
120KB

MD5
0476a63552b5bb89c3ae7ab7233865a7

SHA1
dd94e11fb1142c9393a1d1a7b9dd24d12e8eeded

SHA256
ba7b1d49800c623fa8b95962ed031bf64427aff4ddf8eebb8ec4b50591d70a91

SHA512
2de722bd2d4a0e09a6d1fcf19248e2f754fac7ee7ced774c90da05c7cb9b66e0cc91bc605e368ab90e8cc7c9ae31e565fadbfea40b224754108b024f5b80730a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
111KB

MD5
821f7937f2d12359ef493170774809da

SHA1
61319639cffaeb2c5aa9bf4c25f5cc41ee794cb1

SHA256
d6bedc68e666ddff5d7f84ab6d2cf3a565f48281e526fd3e872aace80ae489f8

SHA512
98693d23805e7905ce7f5c33509470ecd9ec50f4362f74493629d2fee3443c4fc348520ea6bbe2a819c7f84b74b314b4d763ed4a2f10331b41db3a2204e41e8f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
111KB

MD5
bbca28e60faacb0df3a5549a27d46cb8

SHA1
434897bbffc1191cd175bccbe8363431430b93f9

SHA256
628848de433519089c32b2c90c61e6e0dc7b20bc88e40b050f98bbdc2d714db0

SHA512
5a46adaa5655cdf7f18bdc1f2237fde615d2a334722b56b0f64849e108fe211b240a7963f7c446a8e8f5a30bb0f35bc3a64047c00427eeef01e967cb2a07b0f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
107KB

MD5
1d9728725ce5efb1431f9e34fd892aba

SHA1
66a1654bd90939bbf4524c5ad531b0f34fbb9e26

SHA256
52cddf08a03261b3a410a8157221c9f3f820a68d6415134f90a938a52da83b7b

SHA512
3f0ce092a6230177bf6e450779733a6dc064464b12918246239b6b6fee168be4b4a5f8c8ab42d2047ff259d0b3243249808bfc703bf4ee4ff7438f92768145d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
113KB

MD5
70d5d9f12a6bfd8cc9e225e89746ed71

SHA1
8c0788d9d39e03b1b4a818dc08ce51168c7e259f

SHA256
50d0f362d209c6b3b642d701a8e3acbef1d3195aef112fc1ef31c42b1d18feee

SHA512
1896f0870ce2f336562745786b29523afe3460218c386d9995c94b3b03bbdcbcc4d876b5abf68555a0253db6b9d0065e67fc156a9e5289faf8b1213623d073ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
75KB

MD5
6dc599d37e91a003ee9cf5e6e40ce95f

SHA1
bcee73c8832ab1b59c77bb19aee2a22bf1acf5ff

SHA256
0062b87c35c362c55b78ab2a256dbf06d452f79d1bca4101ae595b905c865a48

SHA512
cbedf732062b04af2a0c9dc5f25171a40ece4c7e42ae0523d4f097315f30af66b421bde5dab15dd8e0a726e404da03a65dd4c806952dab5f052401612dd7710d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
106KB

MD5
954e1945d8ed1abbdadab84d19c29655

SHA1
c8743bde03cd97f620e2670d1570047a01446610

SHA256
9cf4f298e3136eb22a6cc440ec61c98f5a60f42c86e78065fde15454affbf80d

SHA512
e595cdcd221ff96fa48bc62986f610ada73fa5c8b7b54ba3130ee617110106085fed43e8fa7619acda076a66208cd9e046b674966295318472aea27ca7739506

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
68KB

MD5
0722cbddc151cb258a212b676630cc7b

SHA1
b35ffedce82f65c0faf3dab2df58082b66919d2c

SHA256
920ec29678c6b4005e333a3dd38a1feb029d2f971f45897c91cc8b5b46edf0c6

SHA512
66233910b566e1619b0ed0551e1c9bdd590231b7020714c8bc9e3d7a1b2dcc99451d784808572b62c70504a2fa8b569c55c3c413dad972aa0cd7b083b8769547

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
85KB

MD5
72f90c07cb970a8392fffb237fc2fe55

SHA1
dea3a6aedfc97b8e2c566e7e69348d1ff85ea50c

SHA256
24b292b81a534282effd164484ca43a4eb9da02c3a379fe74400a393c63a6737

SHA512
0d7118b7570bf27e9a845211ed886189f3de35ac4963005c46bf48aab347bb84064cdf5137491dd15685243dc1980261acc4a6c571e2c6e34e3045f22b181f15

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
115KB

MD5
a01e41d6b80854620240c7be694b48f8

SHA1
2d6e511d28245dfc09ddcf18d92751c39af04c13

SHA256
767ba28fbe8a809d4143457cf45df7f5c9b6f74dac0ed00bbe95d06bc7f98f82

SHA512
6ad58aee09966250e452f73b3e64ab37b2bb4cb63128007a7da018bfa639323ae4a2d7a1559f88354c983c08e554bf6d590adf5e2520865826038703344a92e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
29KB

MD5
19322b8d6faeb55d56ae4014475dc22e

SHA1
386506775d5d5a101e590b161334d4974156ae8b

SHA256
22fbe3fedce0c2551ab0243fc1f19a7d0e9c359164b0db38f9c66ba870d52bd7

SHA512
c174932fb311e5eadd99147c71222d206185a9db15789b3a5538535d460d3157ec4e6138152367b66c19cc3cda258d408df295cb8a47f378f6aa544275f728f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
106KB

MD5
56429a9f0e6de34789a8fad37251cae3

SHA1
bf0573da8f62db6af8617ace57a3a0010cb197e2

SHA256
69a8002ae4cbcad232453a56d1bb4a79750055ff2ac968e9e21950acf118bf4d

SHA512
b74f99e7c4b308db80f33e344818dac3e47b6a20a26132e98a3f3f189569f0d1bfa7f2e32a880bbc59b3ac9611a41eaf87c85b71d9eeb33be79d39cdc84dd08c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
75KB

MD5
1cf7023109d36404342267c17df0aa91

SHA1
bcf9297d49103893aead73ddba3eb8b7c1347a01

SHA256
db82e735117047091b4d24c57ad0e0a03fde227ed210612d41018b1f6c64ac40

SHA512
98991a134068245fab95c1f56f87c15d83727d05638385c4653735e9f41d2860da9f682db3f969fb596ff7469fc218d64bf56ccec292b0cbc3a5e904583ac70e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
114KB

MD5
fc753af44eb366b65ef9ee14dded8c58

SHA1
b6f0a5f7dc4db8d8d596d93a6b5adcc3cac3a7b5

SHA256
48c79805763278220b1d85dbe6672ddbb4b9606ad69a79e3747d65449b1d1560

SHA512
ba54a1bfdf615e83f6b623a8906194fd27204998ac2ad1fac1b802f2fa2afce1e3f0336d9c50ee086c5664c2a7f80e975f0fb7a345ca7b45a828f1f69e56d63e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
102KB

MD5
431445df8a09aeb944fe6fa0ef8e01a5

SHA1
27c0ba7812211302b3a62c7c3a2e3f528c8fb848

SHA256
e0658feae4416667af470a45fa010c7001dad5af8982c4fe054d354fdf8f1c33

SHA512
45fc620221db9882069f60e84409b9b980fa12a24196151e6e15d916a83f23d3ec7e1494a7cecf4de0e7726b7b914e13719444823703a6ec57ea78c92b413549

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
94KB

MD5
66c71a97581772194eee208b800a3a8c

SHA1
7b827a2f6eb1cdf413c6d42c44e2b13fd69da03b

SHA256
61294de5415c7bf6d3375427a3ce24d8d11e52842ad663f22b6789f6343c7697

SHA512
8420660dc7023827b72ba71829c09515ceb917899178161ee8f7b9af6c8921fa71e111582bfaecfc0ff58ae19469760dea68615647ef5869ebd1542cb9be7042

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
85KB

MD5
5c0c8e485dc0dba27e6c465f5535cb06

SHA1
f0838dfdfbff7c4619075ce670c2945747a4a1dd

SHA256
f861026477f80885c04e93bdd3d2d390c9fc58080e814a41c19e02c6ebf7b8af

SHA512
d321214711a49a397e54766731dfe3771f5c0074cf34d86879590a04f390408419e5800f8025321dfd66541aaf2a85d22ac03ed1f568485ed0549981566814b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
43KB

MD5
78d0ac6a195570e2319ca50a47f83792

SHA1
675c3053d38976c6d38c776ed80b2e9787a8b45f

SHA256
6d4a86af4ef8a94c8134e05b466dbfdfd7d74f72143d39e67ce099624a45fd8b

SHA512
e2d2b656a96861d7a450f9607a61148ae9fbbedd2ce17e5c823e54341f726d75b12609704cca3466e2911c1415a1c2e0cb471ef25a96e2bb8bb5f9e818432b63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
87KB

MD5
ad16eb96f418aba497a23aecc2536a35

SHA1
9c7368aa91210c6ce7a4016779583c2d6eef32eb

SHA256
0213196ff62a581f044b5e639e8d011a489e628292583e241559173bfba7528a

SHA512
15b15f6a7ac3a784f5e597999584d31762ae3b06e2000c8467910e4097e467febef83ffa8d5a764e4ec4988055ffa8a5181fd85b69b9a8eed398cbeb6bdd8d30

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
99KB

MD5
e84ef1646825cfa23ce59a4878610286

SHA1
62b3ee78dc29d609077cd193b5943be6864f1468

SHA256
0f02de973cbd7056fe5336e94f0e559361428544187a7ac5cb4e57e5e5885c54

SHA512
25083143d1dc3dcff1f34f7ee61b244ef524a326f271b946f33051b801978adbe89c6d182b52b237e00da72e66a58875cf63a600a6c7fbcf60a4ca3ac13f2d81

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

Filesize
48KB

MD5
aa82fc7241f57a1e3327d2381b748758

SHA1
02fb458b23e893bde880597c70e39984f8a340ff

SHA256
68ba830fa316b7ce8607353f984173baa766bb07e763be275228a6e9dc423e8e

SHA512
0742582d55edaf13320276ad0374ce0a925073e7c70749a49f5e4f5feb35c1678ead6da0355cc0cbe81774f18cec5edc8fda1daa8105b763b0e7087481b9d886

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
17KB

MD5
af4dae79f9f397974c31e24f40f5e837

SHA1
1096fde4c71ada3db8464665e435f339d9af9330

SHA256
7b1093bdb910a92ce0ede1f014592464de48baa6ce797bcf39d52d1b6f8b4865

SHA512
f17fe1bb6fb5c69a209f08c4493dd7d6947274e5cd5e25ffa3f55b28e9dc286e83442766844cfb220ee1b800b3e5ccba3dd779d157d6c49622521f284b12fea6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

Filesize
67KB

MD5
78360c96c49d48f3397313b57ba40dd1

SHA1
caa7ecb31281533fa1e999efd610941ace37546c

SHA256
b4a1aeaa0513e2c510a721945a4bdfaa5b79a2be7181e3428e0e36d1e9a21f1e

SHA512
3fd6c4d8531b2e6858519d6d7bde31e884166668a0c55e9c310514d0d555963a5f9507f9a29e9fd291d952462dca7a3a25f1481bfff50fcd45c1656223e35644

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

Filesize
175KB

MD5
75f0b0436c11f6a07466c6da72f326ad

SHA1
d1041e5020c65dc8492f477cce31153852c312d3

SHA256
892648fae18931dbef99a5d868179de13cb8142256590cc5737638e3d2110559

SHA512
580c391a2f849c4fe8d4655b90541094f24127679ae598e2eb607d0db6fc62d5fbc13e6e6d78b86a4d95a89fc04858c0b4ac628b08283cfd5a19d493abbb6945

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

Filesize
42KB

MD5
95f39fbf8052f75e9a1757c42cc6bfa2

SHA1
8d0820e47401c569d40b5de60d3a0113d6083b42

SHA256
aefae082c0a14c6c7e01bb7f07117997e1cf77ebc80d6ca4ba901e097452a4a4

SHA512
db0a2a06097baa437e6c2ab63f55da7da9cdfdb32663766f4067fed7c17a94b0bb25d296da485c44ab31646a77fc94e3344a79ce65df55b4f6ad6c635c1ecb3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

Filesize
87KB

MD5
a0be78e86424c26106ea2fa5c3264393

SHA1
32d0550421d434a4b61d8ae1e5ea2383ec403ce3

SHA256
571b4ac1212e81c7fbaebb13ebb8b12ce366a9b8728803a0167a7d5ad080c747

SHA512
a61e046bc07f45d392faf2e1a2e2a2e5014054cb76a2bda0560458e8a50f8fa3a75f75993f62874910f4c0157bf6f6e96eb58ab7b6a3e6f6860cadf97acaee63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

Filesize
176KB

MD5
c5037f5851c684ab7eba57f83fa75bbf

SHA1
1600b6700578e4917220a86c9c6c617bb3607460

SHA256
8613900a7ba81fa38d9e77db6136115f9d98f21d0376c7f73a54c91ff32abc85

SHA512
2de13380f3fd8898144b59dfd5a79c47b32cb298a97a3c6c0e6651fba77dee931904a297224b031c5a33b94803ad2b5f5a9df0046bd758a41fa7a0cb1bcea3a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

Filesize
17KB

MD5
950eca48e414acbe2c3b5d046dcb8521

SHA1
1731f264e979f18cdf08c405c7b7d32789a6fb59

SHA256
c0bbe530abfce19e06697bc4358eb426e076ccdb9113e22df4a6f32085da67a2

SHA512
27e55525ade4d099a6881011f6e2e0d5d3a9ca7181f4f014dc231d40b3b1907d0d437b0c44d336c25dd7b73209cd773b8563675ac260c43c7752e2d2d694d4d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
139KB

MD5
aad2884d6a97207c745a1204e653bed5

SHA1
42dd38d6640fb3a0da9479f7eea4a3033449a45f

SHA256
9c6be900c8361fbc1afcc1032d4a38f13cc9e8f6ca8be7d7a803d76408961fb4

SHA512
9b809ed6588fa3a9260b7a9a4ef6f282af4e2812b8486ebfda050027c02039426b85c5f447b1c1d5ddc2804bd13641a355ba2828b010629a966f6eee58a6809d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

Filesize
40KB

MD5
7f675dc438e7e4563b51eccb03ca34de

SHA1
992a1519934c3611950e1be9629ddbca976b4015

SHA256
7ea26e7edbf14bfd5c660e16be07cf8e446e68958bbb03f3c324be033e8c5a96

SHA512
9406de7b35ea58b9493d7f717cf9ee79cfc15a65ac25ffbbce28b4217a4bd347ba0eab65fb956111d77cca85362f57a0106b9eccd1425f4f8fa77f0fdf20997f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

Filesize
391KB

MD5
4dd60e95552e765f8a4d3f61bd70942a

SHA1
8341e07b3217e7da89d37855d624222b6de78a1b

SHA256
f7f6edd544386edb4644acab923a7e80e35bfa88bc06a6a86950908f73b44bff

SHA512
016b2eac83312d77238bd9faeab1565999be400c030e43ab869a09e0a784a2e1a49962d81994a5a53d5438dc7cfadc4123773640a180f317bd8b6ab4597da5c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

Filesize
24KB

MD5
3227deb4b53996dc1b7a4bf647995f28

SHA1
6c937741839e820b652f13d563b493764b73ff93

SHA256
95a5e16b8bd5194b73e544fe575d9b437ca80e7643e06eff385af6fc373aede8

SHA512
eb826d424663ada7d1ed77c9faa97a7a73f09415ae6a4bc589b92a0625654a87214e14b0fce49d151a9a3403db7bfbe8787203bd6f0fdca9cf715139623fc08f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

Filesize
135KB

MD5
774cda51d90fb0ed4b3b8ac0554b1c07

SHA1
0cbd54264c9b4f82407d16fc2141b39671c71bae

SHA256
7ed3d278daf18d44e09f303b3c9ffc2f553df6c7c50f8aa0030f3b1024de6cb1

SHA512
9de85b4776e2fa0acc5c843badcc6c9d5af02348574442aeb0613e33bc77ee08e32ad87e746c92b4cd31268927991c9fd08ea5b60922ea8a5a7d5faadc65b8fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

Filesize
69KB

MD5
73fd709837842679c83f032b101a2a98

SHA1
923c4091ee0ce953028e5476c7c49ba2131c9394

SHA256
0c96666839ad24edbbdb23fc229b86aa720c9161e584a31930fec8691371534e

SHA512
28bb0e2be1fb4f7b3c992f182e47f436d4fb7dbd1336ccb77f2c9a533cad6c32e7a4e3d30a84756f033804440e356750c4089fd62957e90fd54a7337962c3ee4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

Filesize
177KB

MD5
7feed533c27085150087dc3d45bc131d

SHA1
063247304427213bd074391fbe6d1ff47d57c297

SHA256
60403257f973ce0c3f2cf52b94dcf06bfda863e056bc974be7ae1e0e28eb289e

SHA512
f6077d7537557de43791feda4d03927b5b8fe7a6486174fd9bae86d7f046480f717bd9d6f2648fa49176788f15aad0b3fef6a3e66981251d941038ac3b161910

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

Filesize
173KB

MD5
ad53101634e8be1c69797635c4b43a6c

SHA1
d9a5054ef8411fa18288267edb8664c2f0efc780

SHA256
46d352f1e59b7a56a1b64d59809aa17e7a9ee1df4bac430094960629ebac1ef7

SHA512
03727f6c7d9b134f8889de4c149ac835ca6e8f61f0fba180b04f2114c9750068dc1bf6f95e455e8d2ae0da9105125113a0936ad64f38679f1d4a7b5bd56f5c89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

Filesize
103KB

MD5
3227c6ee34a40971a473a08f51722604

SHA1
f4f8b1f0142b5e22a1c9b79453c314a81447627d

SHA256
2e877b94ae07a30706261eef53d6e67bffe2b9534497fac1d1f1bf6b92c0c760

SHA512
4f067ef683ef1881a1dd906d13087470c2ce7c3b6109029c1618a0ec2317169f7ee09fe774f37d1b6380aa86d896a4ca6f05125b797e7c5eaec0ac74a13d6052

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

Filesize
95KB

MD5
9208ff4ec6bc5d7185669e270150b827

SHA1
30a13a9095e47f37da4820e55c59a0535768a1ca

SHA256
06d474b0c4fac2ec974d85fbee63f1f0dd25b7b9f07730c02f86f5c7795ccb3a

SHA512
53557fc78fc9df2a871c8f4741946d9c78c11582ba31063fcfeb17a7ba7ae02ee163e12062d6a2a1ed3b7221251229200c4ab830fc7b62fed996cd56e85930ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047

Filesize
179KB

MD5
cea59157b4d80b80fa5951a69f35295b

SHA1
9be6504a73bca9310d854ca2c5a7019ae93f5395

SHA256
01ab3106ac945e3363bc6edff3291935d8a871065e24b9c77558697e47828dab

SHA512
9f29dbd291a357a85ddd6ca3e68262e241a7d13a4dff123fbbcf92509af94175017eaf2901bab0c8f9a1a1567bf10b2a3dd767acb42408bb239ca5d820de0a7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049

Filesize
79KB

MD5
9510f206b209c15079b064279bc38ef2

SHA1
e628bd59f82c2fe8bd94853924b40f1151eeedfe

SHA256
5959e31f666c44f074306a6056bb0962f2e8995c9df7a4e7a5c62250236ad708

SHA512
c20543c73d361be11c600634824d4859c6578437aad97154c6674a7fd372b49f4a40b64bdccc61b3b3579f632c4d780b9e4c6ca1b92b6fc1ff0927e611b15400

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a

Filesize
98KB

MD5
34ded6148c17fc8121d3ab784821b33d

SHA1
27f0237b0b335ecc6d3e564542bb60267c33b46c

SHA256
ab91f5f3a7f2013627371bfcb980078de3714f19d684f8d7cae9aaeba27883ea

SHA512
5d055b6e4913a92c685d77644d2c45a3337e96cab0e3eec03b73ad4001183aabfee518e7edf82114104f987a12da8e5c0f856aad31c4c7f2973cd97fef458daa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c

Filesize
31KB

MD5
7642f19ecd473d28edd56d1c62cc8b96

SHA1
f7ea8f226bfc9178bb942c121d028435290102a5

SHA256
e8e1f8763aeb2113cb7c7f3f6fc6c5a07fe336103a672c8f39e5742bddd3eb36

SHA512
8dbe9f2cc2d9d5bd0cc90785f933769b34cc2e806229ad24a033acd88a175766f1c3a5eb8dc571f0a09ce1e38a77838a80a75893311f4646a89fbd0a88b5cb01

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004e

Filesize
51KB

MD5
b55fbe93af87f32364fb0839e0194a91

SHA1
8fa1f410f8364431d8fb7d4a846541093a416eb6

SHA256
0be7ceaf8c29618fe5b711cd92dfe0a7eaebc44d34c828abeb48586cf7c88e01

SHA512
cad34364f7e1aba1248d2ba5ee0c4e18e5f94d4eaa65197f61749867ed6d6fe94c60c8107718d6017398e9429287c908431da970cf3cee2e9fc511f94d46c3e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f

Filesize
78KB

MD5
ee246b9aca041f7c5523e05846de88cd

SHA1
8723b257e65b372de83650738cd47e5f61e74bfc

SHA256
5099a467c10b871028c8562045f615046ea77e06e5c9a93417d05fdea0272db3

SHA512
03c9f06bbfbd2bcab0be833591b178c8787c93f7734e24b3ea2aedec9d158744811709c80a015e26d0200c31cb7a38fa700fd6c4acc17a9bbbdf912a8d4e4040

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050

Filesize
148KB

MD5
a85641dbbc2e737f08a83875d8e7706e

SHA1
6e4acbef413babea2733c3c689ccfd7788e2091e

SHA256
c274acf372114f67c76a61b7df530b657e371997ba617b000363342c0abaf3db

SHA512
9b967a390c47d29be598ea89691f9944927ce2335bd4f296402055b9432941707e2a22672e55d5d6684adf0f2e46506749585b51c53b05631e316065af3916c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051

Filesize
95KB

MD5
1f50ef97d33b8fc1345d457536e0908b

SHA1
09ee24abef25998b1e3f66822a005ee49d0e530a

SHA256
cc7308ba800b592d022cf3528cd18a43ba21b9ed8956e1224c6fbfd5dd7b4f14

SHA512
6c02ef7dbbe8f6f4742d8cbf53b2fd7bba3a695671b88b41750d347cd152f32f0a9d12909f1b95047037e465d6dda9da6425d210371c53158a8a0416ddfffeaf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000052

Filesize
143KB

MD5
5b3ff5d201070f624c08621d4d6e29a1

SHA1
5e706891705d53206327fb8a4985a6008e771f7b

SHA256
df9ff9df75fd6de4473a02c5c2f75dedc7ebf8b310635fcfc52404d020b25827

SHA512
fe1193aa5526f746d8c1b5e3cf9ee4c1c510cc57d9038b229b5b1ff8aebe776f15fa02f59775a9266e19936176b5beed89a24ff1763d2541d6dcd3931de9d2a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000053

Filesize
27KB

MD5
d44b00eaf066eb7050989509fd4e36c7

SHA1
f9c5a6144aefdc63afdadfdfba432a7f2921aa72

SHA256
81d81f58eace71c343daf95f8a2756fa914556bcad33ca241c127c4ae68c215f

SHA512
99f9f4b102f6eb4c6ff8868fc598c536397d247de9764a67548739662ae302ea79cc2f730d63b8ff40c8c285b2c9783bba96e37c72d9922623fae83219d6694d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000054

Filesize
16KB

MD5
89a574ff00e6b0ec61d995d059ce6e65

SHA1
aea09e96808ab77165ffa712eaa58b8f056d0bb6

SHA256
e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44

SHA512
30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055

Filesize
21KB

MD5
c55dbb2a5e2048f8ac7b88cafbe13ab6

SHA1
6629572a0fd059184b4e5c57687fa414fa7283d3

SHA256
a82abfaf7dd683f673153324de1295a2a952e5b40fbbc581b5fc39603883f5cb

SHA512
61336d53f5f14636ad0552e92bafec6ab262faea08d28143dbe6f631bd6be86ed1b6b2dd5a2127cde53a1405ee4bc8384c3327521571917dc22c7fd553f108aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000058

Filesize
20KB

MD5
98f7ded41df9df121c853574b3e7f15e

SHA1
c33dc8e6b84300e1dd99600e453b1c1103719410

SHA256
52dad93b12d78578fb838e07303cb9f137cc1f46a9fbdc8bf4bbf1ace762555d

SHA512
de43441f031169efa3dd8ba99d9735d72f07272c159a505634a53a5cc34cedf7530cbea6aeb720e69c91c903baca27c271fa8288c97c9c4541aac74821118d50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000059

Filesize
63KB

MD5
e4cc1ece2f2425b10ae2ccc212c1dafc

SHA1
92609e6d0093693110baa23758382889bcb30da6

SHA256
92e9415d8bc8529e2a3f335258ef7ff159cce2965ce3b2b7c15f73720efee809

SHA512
2848dee3a6da891b7044518bc97aeafd340705cebe846350b9a7f314b52450f1eb977b8b492638965ce4674ebaa341e4f832438199c3cad2fb0a0793ef83a619

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005d

Filesize
30KB

MD5
6fb26b39d8dcf2f09ef8aebb8a5ffe23

SHA1
578cac24c947a6d24bc05a6aa305756dd70e9ac3

SHA256
774379647c0a6db04a0c2662be757a730c20f13b4c03fe0b12d43c0f09e7a059

SHA512
c40f4771c10add1b20efb81ee3b61fc5ede4701587f29a1c2cdde8b6faabd1c76d769bf8b99aa19082012f95d99ba448a472463fb9056acd2e43542e14e605cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062

Filesize
16KB

MD5
9c6b5ce6b3452e98573e6409c34dd73c

SHA1
de607fadef62e36945a409a838eb8fc36d819b42

SHA256
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc

SHA512
4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000066

Filesize
21KB

MD5
343de8ae671d4301ed07e950c8058296

SHA1
ca3b370c337a7751bf657e114097261bffe232f1

SHA256
c08fd74e5af904092591d5994a97d74c2cb8aa90176f8d3d4bf562ba16dd5a94

SHA512
21987052d9576577f7fc701242f706e6fc87035b2de037b63c6aeb4e9e58e54bd875d6e16dd19a3ab11198b11e493b9609a68b6843d8266721e56d07638f5148

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000069

Filesize
21KB

MD5
b1dfa46eee24480e9211c9ef246bbb93

SHA1
80437c519fac962873a5768f958c1c350766da15

SHA256
fc79a40b2172a04a5c2fe0d5111ebeb401b9a84ce80c6e9e5b96c9c73c9b0398

SHA512
44aefedf8a4c0c8cbc43c1260dc2bbc4605f83a189b6ef50e99058f54a58b61eb88af3f08164671bad4bd9c5e3b97b755f2fa433490bef56aa15cdf37fb412b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006a

Filesize
36KB

MD5
f90ac636cd679507433ab8e543c25de5

SHA1
3a8fe361c68f13c01b09453b8b359722df659b84

SHA256
5b4c63b2790a8f63c12368f11215a4ffec30c142371a819a81180a32baeb2bce

SHA512
7641a3610ad6516c9ecd0d5f4e5fa1893c7c60ca3ba8ae2e1b3b0cc3a72f7f9bef4c776a1f2fc52f366bd28a419ae3594a6576e886e79a20ebd98b55b2acc967

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\336a68eaaf209f48_0

Filesize
261B

MD5
52426078b5748922dd9ad51a9023e9d9

SHA1
5e7117a3683f7f3068aeb5e2ee3d5b2a2cae8f41

SHA256
21fa3f8fe2c21678c030b9ad4a5c2e48e06dc5d669910c44e36a57405e05cb95

SHA512
83fbf70bd6236f55c70eedf38f7403beab2043f766353d5ee1544e12d8b9ad091d21c81f9ed6f4f5bf82e5ea97746639dc42ad37102cf187b73268221432be1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\336a68eaaf209f48_0

Filesize
309B

MD5
0818d340184cefc2f26ff11f10e24dba

SHA1
b7149123feb25dca62c0c4853aa5f42b1aa0d9cf

SHA256
08c8f9e217d00060f4fb2edc6903529d8e7f1ad54de5664b70fc91ce28c43b28

SHA512
4d64413e2f45a6318e06bca66306f48635839619fcc1e402682f3854e93929bf321d1c12aa345482fc5c65d84394fa3349c0f2c49822869b71a675384340372d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4c307b02b4dcc58c_0

Filesize
23KB

MD5
31c7d27a28674539f88cc95913e69128

SHA1
1f0a2f0e6216eb8b6884a08283c075a8017a16b9

SHA256
fc05189584dd211f567848ad0e781edc6a5bdf8859741db71254ef0cb70ee66a

SHA512
f65ff7408d8e5269d47334e9b831089943119c25d1ec3cf835d26f9b091977c7967cc864734eec2a025cc3432dc38e121b2f97382ca0b1ce81a096234cb43155

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7612455cdfc66f62_0

Filesize
257B

MD5
4994f7721657fbab31ae945911ec538a

SHA1
97a2120f0a8e2a1badf43996b377bec36c28e46e

SHA256
51461b0cfd0c130a2e5a69612a81de4a15c45d34e2fe9a735e51afa49c46f327

SHA512
3884130895373932be87bcbd32d654533bbfc166f736dff59a0cdc5f1ba9b15305085facd120db032223128bbdf3a61ee9a17a9ec77295361af0db434d777b7f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bee073cdd3bdcde8_0

Filesize
223B

MD5
bc2fdf3578acd5eb81b6011aad9ecc82

SHA1
806a09a749075b36948ac9883ddf403986c4e6de

SHA256
53f4cb66d695bbf0356b8cffd734b6808e3281d94bf79a0c82058886ecba34f6

SHA512
da8d534465a722033054f8e6dcf7356d2a6fa8cd128bcf54a012723eb950b0ff85f33a9a60061074b93158e769255d6febdc9c8f0520e31ab9fdef6674bf5362

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bee073cdd3bdcde8_0

Filesize
37KB

MD5
6d3d5bc3337b24992278f5347e277dfc

SHA1
79a5adaa54cc8cc344ccabdcca99e73c2524c130

SHA256
7a29c481f59785cabad9752fd00b27391209cf2572d0f6b74f15d68c831a156a

SHA512
b0aa5bcbdb70f9bea3e644c8af54ac2ae796c1e0c9c0e85d6756ab9c3be68683c15601d714e55f80409b867c81a4c3e114bebf02d8ea98c571705b514c87d43a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ce425db29b5eed1a_0

Filesize
382KB

MD5
fc1cf16d69e34eb194f1128ac484f276

SHA1
364734cd56ed959a4c0dca79e9e4b2f1136f6711

SHA256
4544ae4b6ebc20e7ccd883527451127a204c6f6e0098062ea8b9a75a9d1da8ea

SHA512
3ed375bf229afde6e1979c0df94913bbcb8c25970d43aeed5d8f9420e59c092e5a0200d3baef19160c04d213a3085c8ce6aeb4b78db2f955c81153e027764190

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f1f835e5cc9e75b9_0

Filesize
31KB

MD5
8f1e3f4938d52c89675c67a9067c6d5f

SHA1
3d862beb8b232b067e03a570febc75d83ebec5aa

SHA256
2b4870dd4c43a58142a83d313d6868b24c18127575ae542599ff0bbc6a5b3fdb

SHA512
9166f7bb232c87add89061001dd4fba3398f800f80dee702e3ac78485f7e5b747a4ec6f42c513f2b5899ad9b3e918301972636717a62cfdc1b5783625e88f1f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f4111438b19c0927_0

Filesize
246B

MD5
588f709e4fffef492f955c1161b78464

SHA1
a84027503ed7589bb65af4a844e6bb40d5fa95c6

SHA256
e357bf5118a5791aab2b9789b39805f4b093cd3362d6fda1cf1c1460be410d94

SHA512
7019b9e62b840f519dff25290be267c233f7a9d91d1ae2f0435e1d1cb189a46511e65fea72863f3d33582a9b94b5ebcf3c7df1f2c533e39a16aa6af41eba6b05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
1706e4257e947f3a5f435b2d9d1bcc11

SHA1
6c99911aae510a8cc495143b2852422a15de47d1

SHA256
b8f159456eee9e4ac59af894f26427c46adb14d6d875708c1332c8ec8fde3f3a

SHA512
68f02dc40512488bfa4eff4ee0af0e3957cb0320a0c3f44d71e52f7e8a7f52137dfa0088e3afba8dd0e5df2ec6b63b3cf9a977da3ccd570b1dd63ae57dc70eef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
cc5a7f179a1580307e82cbcc9ea273fe

SHA1
eb4b1cd7174efaf6d94e4748d03ad070ef1b7828

SHA256
4a352c29e9f4089d4b4319ec584a3100b0dd1f0d3ed7059198d083af810446d9

SHA512
7e9df1ed45d3255ab486f7474f03f9fe904f3c44299bd0554a27115e76f738c1fe7f4cf617fa717bac6a1c4f383259872ae369b7349c07a34ae9f5a3d3a0d36f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
2264f9089dd8d1a0def949514f08af2f

SHA1
bc71018c0be8c561af4deb0faf66d2fcbef61e1e

SHA256
7685a6bc8ffbc1ab4630989c667a71dc33712fce729bb30fcc328e723bde3853

SHA512
69336514fd12026c727e08c947a35f3b2c5436fd22d3f544ad1f22a2485dd0868b361f6daf7ce34f2b4e95d636a3c7455cc2c55234a5f364e16eb84b5a163efe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
9c932c167551f622b1703142ee3b35cc

SHA1
4c19dfb14d810118859da51452a06dd26a7ef7d3

SHA256
32ab02a8c4de5ffcbf8dce21a83081e380f7f67d425779e472287ac6736e7580

SHA512
af8443e5b3ce866789d94c38fe627ec0dbc571f35811cec2282990245c79a922bd244930076978cebfd6a46baa2e3b8f8f9768ba82351946819b3fdde3ebdca7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\.usage

Filesize
24B

MD5
0edec5128c1ad9f14033aac67608f4a7

SHA1
9fbe0a845024186cd5f912f763456ae7e34f1aa2

SHA256
dd9d85694ffd4d6b18c0d6803e70b426d32f78b4324a5eded75c9be5a213f184

SHA512
a99de5ae88108896325a2e022ec63d996b0499197433a1b5381abf44219811571a379b3d9d004e5a65222f177a06bb74cf282ccc927b3b26281da27a45b83c7b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\000005.ldb

Filesize
761B

MD5
9462e6e7e71838c89a1e2aa993bc4f09

SHA1
b16f928e2fd7060a713947a620232d1d1f44622a

SHA256
97390d83a7f476338bc313951f0451d894f8213e880250ad0e580097054b4637

SHA512
27474448ebad85f96641fb96f6c1120296f5734abf8139440235a712acfaf4efc89a262e7af323caa34de661bbcbe56a07bcd12905708cae7ea11f1e1badf759

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
733B

MD5
eedbf4aba40e742fb07cff644c48051f

SHA1
016c38ee739fcd3e1e27cad3eaa92cadf76c3386

SHA256
5fa535d16eed4df0a49d38b5784966ed866710ee81c44333416ddab0237d67f1

SHA512
23364e5b3b25ed425d6477e517752289d949c0e50c3469710b3f30d2bab799cc6654c873e244f0b2a0371bff79784ed9a608d83bda9e6775b18543d68eacf292

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
734B

MD5
6897bc2abf0997c54d0538c33ee89cb5

SHA1
1dd5d5131ebeb56241c560b3fc1304915ba7c6d2

SHA256
94a727b8a917c08d8daa8d6da7e65d18b56ad33924e5d378e1e89eaf7faaf6a7

SHA512
6d5381ff9744b1314ebaf3eab60f2a765c11045dbbde06154a79b171b1e62420f73e0c834c38d26f16569db025d1dd91c5906571ff39652eb2318cef99e41a76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
732B

MD5
7a2f2065dbbeec91e82558720e045978

SHA1
09f70060f46260770d35f8ea5722306beae032b6

SHA256
2dc93e0efea8b01cd0d7d2f6ba1e87daaa436a0a02ac00fbe8a8352690ee1726

SHA512
e717754adf95972bff76c42711bec8ca7772ff082cb1b23d89f99560ebaa36208b1ccbfe11d20146891481935c9d838e328f3045df35c228f629383cb86bede8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
2KB

MD5
5fe8bffa0bb3e4e01e1247f32d6443ef

SHA1
8278bf1ffd883f1531b558c6b4c84b444552fe7c

SHA256
ec5b2eb4c44e73fe255b5c505b4598078b7fdbf7d635a8b193da297171214af3

SHA512
7ac5060fb345b7ac36a0e1ef6ce2b15bf5b00c71b560e10e1f497d49bb6c943a04581e51ab74cba1c4db48fda06707ff96664b79018833a5909dd69d01f71cf4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old~RFe5fe46d.TMP

Filesize
594B

MD5
cd4239d2210303607257da3a2b5388d8

SHA1
1fc5b2d1f581c62b32d744424311d1f8a27442ed

SHA256
8a4eb3f3c5d0e9f706ff1388271f178d51a674d065417d2e0807789f2045c737

SHA512
5155fd67b9b128125e07410f49e2f4da8b246b347bedf9f6d0190d6dc2f9bcc25fb7f2f3694effb1788b89b2ad03a837dfd7b462aa33405d20c68dcb09f3e378

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
10KB

MD5
75395a0ec1a79bce5979700f1eeb4dc0

SHA1
da38db099fb08a22f56ef24a6ff756d561a509da

SHA256
764de4ba91128ed4738a1dd5d39b44aed0de35bcfda59e67116a9a867ac73c8f

SHA512
9228e45e80a1ea06c6dabe71d76735218cec9ed2fef8f8e299a3598af83e16ce2f85459066ed8e6c732fd7922e390e99d52f78d769325a4ec034d015fd6843a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
11KB

MD5
dfba5f8d3732ace57610330b9482363f

SHA1
0fc9ba7d1f62689fc248a69e73e6c5370d208ee0

SHA256
55945501d167393a4dccd7e67ab5d99e46e6bd6c96f1ef8353f780cefb091c98

SHA512
72cec43c5b285997d2b511d2e539aa19b651caacc9244a5b8517a2433deb545b24f15748a172ba2c0ad0a1a3ad7d7337a1a96e1d9372c69d6774fdee13401364

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
188B

MD5
008114e1a1a614b35e8a7515da0f3783

SHA1
3c390d38126c7328a8d7e4a72d5848ac9f96549b

SHA256
7301b76033c2970e61bab5eaddaff5aa652c39db5c0ea5632814f989716a1d18

SHA512
a202fc891eace003c346bad7e5d2c73dadf9591d5ce950395ff4b63cc2866b17e02bd3f0ad92749df033a936685851455bcdbfad30f26e765c3c89d3309cb82b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
7e4f2e25ffa295a991cc965ef35b57b1

SHA1
7b57e8d6a7f79bcbb56e4cb057c80313d8e6e9b7

SHA256
753453d510209fd48b1b3753ead1804d2d05efb6537e58e97db2e099885cb524

SHA512
22b323983036a5aa23fd3a7d020ab18bce72c8d5f56c5e313ed09d52fc685f1628a21d1e4724b934e2f67ef501b6d884973af5611f5a2a648655f34e15ca70be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f73cbac8620d69d13405a1bc4544d143

SHA1
926727e25ce82e0fb09518fc870cd73ee65cf43d

SHA256
775458988074a2ce33d1c22a4b5f661431deab7689ede6ea716dca06bba26819

SHA512
28769f400307e9a595e9287e7a2f5d0231042081d61987697a8e36dadec481e241b8cde192a9d0ce95be7676d14155316fd25f518bb7c55a0eb9cbba1dab8c26

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7d34d493ad3b81d444bede88740ccbf7

SHA1
4bc46e5d916cf70c8d026add1542ce823d634974

SHA256
3a6282b6140775988244504715679d1410788b97d3a7dafb9425e8aa019a9fcd

SHA512
9212a8c3f9140ee2b7077edd0f78287621e3b6f851eac174c9e28957302cc83328b6634a72129b163c2ba40dc85901c147f20dee33c69a5d7bf70aba441275c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
14KB

MD5
61db73e578c37869db905385cc65693d

SHA1
2813b6677daec0bf1821421ccd2dd08236ea25c6

SHA256
4a2034b903e089a66dc0edddb1d267ca277486146e793db8b7a228d83b0ac934

SHA512
3f6a477b49d29b36611cee031f0557357f08e7e6d56ad2fd48248dbd38c813c8f34ad519d03b1d3b4c1cd670c7a09bf07c9c98993761f63aab6297038a923233

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
501654e777f8a5abdd15f8c9d3393cba

SHA1
9b5aaa385ff3b812ea39a8378cd6731161b7829b

SHA256
e31c462c3bcaf73ec1bb25e73b841bec40363ef995a192cc526f357bcd5fd061

SHA512
c06be376b0fdf65819b4badd755b8fc8537f944107b96817d757f4ab889aae2a358d350b77e6bd240fd23e49402726df5fdaa6efa6c61dc0a1bbb2ded238770e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a7ffb4010cc7af5dbddb1ea8ffbf507e

SHA1
adfeb84bc9e036d829d85409d831047cace74d14

SHA256
7aed9c59241f9430136435e13929ded8bb9071c26774a25df3521de91fd48fb7

SHA512
03eeee9ce82925e397bf62078d51caf0a83de3d84b8b93a8d78a1551685ba3b3946cad3d45d1dc93e42a2dbcd9214d712a18fe891b04d871d643f488b5dfc115

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
14KB

MD5
fff3bc3f21016fd2e4157dc7afd9a98c

SHA1
c8200b16ea699b2ca85457804c2bb17a128bf55f

SHA256
cc1acec333ff0c8fa03a79a247a20ee77507ecbdd010ea67e69a04640315ef50

SHA512
e81271020920e927d2cb185046bc082a7ac700545491f8ec2231d58b3160a98012f746c0ae98bb3adcd74bfca97fb1eb560092babe67f8e8d4a45ea11f9fac98

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
ab5c26aeef1468d1135519b5ee88db6d

SHA1
6baeb7f5c073a5c1cfdc0e62d5d978d071dd1e02

SHA256
0b2a312fec3fe7e09811caaf67805c371d236d162a4b3627f03337b0e3179d4a

SHA512
33192cc3b136c07ed5140f5f441eaa03431cf96b72420d39a929bf08e91266163baadfa3af92509f00e888e9780f702d2b0ef162f0cdf9b13df84fb3fc88ec76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
b149b5427b84269fd307ffd2ac0167dc

SHA1
41e2d0d44502d5b51d6ad1c8050c4442ba2ba568

SHA256
a95e318eb3fed4548e8a95575fb48e193eaa1f3ead7dc2c08c26e7feeeefffac

SHA512
29dc9c1de66f759fad864d07f267c4070a2d18d0b47048973eb3bb36df4ee652d1a2bd709fdf5941e8ee2ba161eec125975d476051b3207a077cd525105bff44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
2bc4d5dc337fb3c0c0f7f69fe359ad7f

SHA1
b709d04345e9e78005e914de218b2d8c8682f1e4

SHA256
5a729c0ff2d8272731a20693fefdb52ef8b5a805d5feb154e331e8ded45efa74

SHA512
081d7e5fd2291178348a7d0ee2987310a92878e59c48ef858167f920bc7105521e9688046b8ba4fe8d77810c82fa7d36ba88e27428bd04d23eb66b886df7035b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
10893f11b804f3804c020a171a754b9f

SHA1
fe5266b10f3d7fd1a1405e976b2b45270b24381c

SHA256
5c7938dace0a8de8b6ea9f574aaabff98af1524c0008fc30bd9253a07cb7c3b1

SHA512
051ac73d69db249870c6e49cf00921854c42577ad1704045f1580e133a8eeec024d18d12f680c92555528a8ca3ac3eb6abbf06668b9b166e1ec4da771c679204

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
ee852a138aad7d291fe58a5fd4d0d32f

SHA1
48b96582525d3c25d56eb10d0caba846f18cd079

SHA256
fce721720cedc3e1bfbf527d71dd6e14de9d3768e57af1d3452597ebc6f289a0

SHA512
913b757699ac14cac32b206422e83eb922dd680120ce33ca1ee5eabef517436e54b026138165401e5ec77e4d66bbc824d69bd3320fff5e05d3eabe5b427ec74f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

Filesize
7KB

MD5
1fd36ab6c40b6991b69c7050344e6aae

SHA1
e822a09e949c21a9f3170fb0195a03e9d7f4055c

SHA256
148c27b934d3e4e59dcadda138a393987ba44334ad92eacdd18bd0d6f43c58df

SHA512
286c90b43cca1b3edb095dd449374b2f3f8f8e400e41d41461a264410e51fc6e9c9b531e68bc611586980dda2cce476158737ee987dc9bc4919f84303e60ae0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

Filesize
4KB

MD5
0a9a8ef951812c1f4788d7213d70303f

SHA1
89dcd6021dbb436fa9cf5414f6e111c317f4adf7

SHA256
16da27ff4e63d60580b92ff467a88df568203e32a04d8f91e6d58d24d253e8ac

SHA512
ed6aa8ea767100c9c098e2986f895fd77ca4a2351862cf02b9e1dd62dff1d05b2ad50ca70cde4fd9e50cf8366281ff7c5a298c73241e40deb3c68a9fa3a162ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
d76249499bdcffb92f1b3d86302a9490

SHA1
41f60f7b898c0fbed5b74cb981b45c78c4ef3328

SHA256
79370831b2d3b5092dddc4343a39700fb2505d1c8d85497f540f14abd8ba612d

SHA512
192d6925b55db95e7e47d78fa4cc0b589d411e0bd5f0a30e2e53f937f8b5af6019ce4dceb433ef165ac948798e01d042b67691f56d9505b3513beef2498c32de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57e399.TMP

Filesize
48B

MD5
d8d08d8c961fd7602fefaea82f55ef51

SHA1
1fa6825863ddcf5be0cab8a6cf9f967ede3a278b

SHA256
b53aae15669bc1176afd3be76a1df992a7d39bd1fe82c6139b0c667e845abdb0

SHA512
71d7d03fdfa5aead1d87aad0c467a14ea2bcda544e73c9627f985f856b1c77c7bbe7071fd14150ab5734bf92550c73a7454919859239942abfb74769e8af5783

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
705B

MD5
b124db00f062e31dd6f1feab73d96fe6

SHA1
2c37a262531aece92f7f7db4f7ddf06c876896be

SHA256
8f3c2cfc3d94b329c26dfbc4a1131372dcd310e4c1540cb0360e1089b335972b

SHA512
d8e08b1cabdabb76bf75440dee2419b9c45584b8b78763ca1602fbf0be7c2d696fec17c4e5bcdf575b1b1a20c76fef8f0a8904b769615cd76e94cb3cd31adf1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
0d30b98f0aa226254d9c45b14f66ed29

SHA1
04207ce424f50f1c467e14e2b9f32dce10080fd4

SHA256
382e27980c1ceca02a8b1f4ecbf016c2f7815bc0251f8a1e9cc78e1c60c0df87

SHA512
980eb0d247790fb9572db2e1ad1d381422aa3b836235607c2885953d87b3e633eb3921eb1ddcabe5b68d290d1b549a8fc07d8b71e40496d0efa250d76ac715d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
014b5f94ad43e64a4298fd7684f57f70

SHA1
2341f3eca1d599b4eec3beca5ca13c500550c344

SHA256
b961f59c53bbd9859cd95eb77ecc49772cb30ea901e19a9f19cf94bc0eae2ca7

SHA512
5e8ba66e2c372549e098df518d8de61e82d4ebeb8258e7358ce39ea798c00f8c2eec889d2e1570cfeefe94c455c576ea7668f3e94446e5e849ce03961e0c3302

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
0d60bd9de2532acc71abcc4ffb567be1

SHA1
7d4604be93f7f1c8ecb3af61a7a7407a5222d7cf

SHA256
9e3a3bd66ac7b4090350abe6655f66573a46c95a90581bb6929b85d064724e00

SHA512
62a6e8e63263001544bef3f5533b3f85d1a736be2d1f245bb47b312de0a7fc7a88d6474482d03dc7a69c1cbabe5e0d953500897b1d60c5f2ccb3950abb87a3c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
a74eb7b5cf88aee98c0cc086bfd1c7eb

SHA1
92f691da7be84139a04ba5925e9bfa5bbab77627

SHA256
4f04f157a5fb3bbfbbbc018de62682a5a2a437a52006b16bc304e69b8006c9aa

SHA512
e58911ea87b9e178ded0a6be2fd5d5084ec451fcdb53a0dc952a68a9e7fd8920a75d6095b21b711fbb89a1745abaed7a07bdeb46136966ffed03d2e1159d7c3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
72a7376f0c9faaa4637db2330bbf7c96

SHA1
3b465ef81d01ece6030647dc47bdd3098c8c4e0e

SHA256
3f3a9edacc4aec395e2cca6d13435a00fe277c4f8a13675f680c8510dc431045

SHA512
6c569e5c5e9fddd53e0cc48028a34eeeca706821587c98c5934afb3608f260498e806ffeb76e38a6c15ad2c8d2ee111ddafcd2a5128bb5af1b71c7cd6afd7449

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
91cd330a8062f7c75dd8a853a892a808

SHA1
af8c95066963c13585b4c6eb3720ddc7c349d818

SHA256
559cdcbeae14387c098b81d99a683af9f8ca8047b7c1418284c136087f317759

SHA512
1246dd60e45f1e29eb040c09b51564968f3588835206c75432d5ff1a97e72ba1bc63be81fb76c8fb7d7212ad2f5a5f67c9ac39f617574ad9e3098c738075dd1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
5809c29b36802dad4a461d4ef59272b7

SHA1
b727140d6b3e660fc805a1aadc37998ed8cecae1

SHA256
ceb8db337fb7364d5dacb51b77b9ae4c746f4937c27c7b397da4ff27d1d6d9de

SHA512
308537cb808993b7ab9f14a32632f97508901dac883f81316265212b7e83cf45e152a2ea94e66a9e6a4f5fab8f20eee94a5a57beb4fe87a5f6f92e92dafe195f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
fdc63d388f9138a42bfc8c55d7cb6414

SHA1
25bfa0d83f847cd6302bf75d919d5e42e5a26743

SHA256
6343c31384536facbecb9838228248a792ad6908aea0a4d9315d0d2f40a59569

SHA512
5a33c5b89d7268d8f20408696f82719c9b830742ad3dac71be0762b6ad742ce1bc509154193c96fa82a365fd0bc3984dc5a11ad7f30b980c7e2bb17c32e3c402

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
d4efc1ca7aff5f4b9538f3bcc8ba5f98

SHA1
5d24f98635b8de283c2a8da5bce4faddc4e038f3

SHA256
1203608399f04bb4adf6725592c8b464640c54e7aba6d60cf0def568c7c6c771

SHA512
47ee0d2f2230c7d2dca85974ff4e641b115c0ba3fbfe0be12e1cbe3b8c0f4632c0021ad6382acc11f47bf27def5549ca520c34084461380883d0e72d05f852f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
0b776777d917ed91b7d1170d2a8bdd54

SHA1
0229768131912aa46398f3c1313e15bacef78551

SHA256
cbc17cace253da5a424f88644de1c939802764d2da0911cb24980848ac043144

SHA512
a4237aaf74219929e24a36f871bf4f2060f82ded2dbf1ea8751827e47165e49f6556d6a591ac1affa38dc651699c81b95f1f8380aba622a9ee532b95a02ae202

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
12221070a57ace28bad96cf74c41d425

SHA1
f8d08d1fd164dd63f8f79e38e21eb2008eb63045

SHA256
59f4b33f23c9a2b5e8a5ade38d0fc2400b077a74843c08a7235b22ce6b63b662

SHA512
41025b93749466e3e4cc6055264035a78abde7634b17afde5cea7cca61f10a01e5e7a4af30ad7c2e4c8ab27bc03d0dc78b47e8e21f255ad01b642b0d47daf761

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5eb525.TMP

Filesize
203B

MD5
2447227adfa5944492adb613113499f8

SHA1
f6e8f5c754caa35e8e87df863963bdeb42c29708

SHA256
4a218fecb261652214b6a41af089d8eb1e278d8ddf140bf955b8652b4ddfa878

SHA512
c53122dfc0702c42681689905e255f413479504b937018617da654200fca3bec6472b51ca0aee1ce0436dc27271861a498f749590e5a8b6d54219e908e147ed4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
5d451469ae1448818f09dc38700760b3

SHA1
dfdf754c9056cf50aee5ef21e1090d747e0b9386

SHA256
85ee7978cdc917acb8683d1889f3b3e3fb47797249423e75730c453957f859c7

SHA512
07cd93ac4ccfcfb54d47694efe4e66a47a93a0928c53216a0b3f2e898fdb7418c03f0e095a050ee9fe51c65fc17f21c9e02c5c955ff34ea1f21bb3033a89203c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
51d5b5e61ce4685a63542f8014cbc977

SHA1
1927ce742136d733ce480ba66ea01a73069908f3

SHA256
56aa9110c6adb2e9ff1dd988111632bf6b78e9eab82461950d831de3f6aeabdb

SHA512
086dbcd5794fca35a99a29e44f1cb0ba3bc2740a809c3995fe5c868e17f0e26013c0bfe75822e52324a86c4aa07af9792f2b149b88dcdfe14daa125d6e15e13d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
2df320025c06dba81e19d0121cba152b

SHA1
9ee64ad2da996be9a3ae952eb5ad73e525126de8

SHA256
f1fffbfaaad77075e88aed138e9ab66b34f67b6959c7ad58a1d00a6aac731d99

SHA512
3393230aaeb6fc8a66bc836762fd0ff98326b5b3b3faade932cd6512d5659e34af9775932c66f8b3809223af3f8c7b192f6f7321643b625cd555cb922c46534c

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
3105548ae0e6cbacda66524c20678409

SHA1
ca40443dfbf1c451ba35634d3bb95580c77f94d5

SHA256
9a00a62793389625ce49e2f09bdea351e49173af8a0398ac8f23b4c84747ce93

SHA512
02bd8a4d39ad8e1aa856183f3ad199b2c86ad39ccc2137753ace18a9db24a587b1e2f5b45757ac848542e68fe0197e19ab1a7976274e6a0bd466b678d5e9a842

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
c7bbbc114b436871bd08ad72ee1bfaee

SHA1
b8405830d39ab733a483f3179f8e74d0245836b5

SHA256
f0a52ac113f92d44e400074e9511c3ad8ae3aa7195d31f1b2cf13ad85c05838d

SHA512
c10bfcd413efa083fb8474d8cf37a6c11f8a038d4bdc7c6a959b1391e2d28f3062b23356a2aaff67f99ff098301648667595354d6c541870082c8c3eafd20edf

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\pending_pings\b6976958-2fe5-4c2d-8e6b-c975f7c3cd8a

Filesize
671B

MD5
702d87e6535f39e7f09977062680c047

SHA1
c92146cba71fcad28219163600ce01f5611f199f

SHA256
ff0838c04881a8bc2bfa2df4b6f3ee6ce125512b14dd9401d2ea5c9df24a5d76

SHA512
6e07789a2e69752fb655eae76e772a78aa122a949af6695a325e9de359878bd17f87ca9ccb3f48ffa7ca7089f00261b3ee103ded99e9230041167ed9f5335f04

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\pending_pings\c61ccaf3-b513-4e7c-a676-d4e7cc3a9b80

Filesize
25KB

MD5
a5b5411d82e6b20abd798182638a53d3

SHA1
3f0895de7ea1477fa19032a1274cb26a9006dad0

SHA256
2a37f578f4ea09c6d3d29ba2fdd93e094a3bbf62f9dd6e0afbada3d4ecc6f6c1

SHA512
2839e2c0fa07dfa3d1f9bffefc2995523587bd076c849807fd9193c2dc4149c7cdc012ecb9b26536ec7ec6f0e160fb2732401533996a7af79ed2073f466350fd

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\datareporting\glean\pending_pings\dba381cc-f5e8-4ae9-ad83-3fcdfbc02893

Filesize
982B

MD5
dac69e384713a63910b0520a99c3cdb9

SHA1
5012d4ebb79a9b57b0ec6949b4a95d27c181ed75

SHA256
7bcf93908f31e43ec5e53af9da54ff3f4bc472f75d568ae7c92ded8e65b2ba5e

SHA512
fa2d987e1d3e5586e75af777deb6a659ce38329ab8389ddec2a022106f4dd01ace059f0fb0540a7fb8b250e4587833a3cf5b1bd0cdd49dac09f9fddf548119ee

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\prefs-1.js

Filesize
11KB

MD5
8e0f663fd07d033ac1729713d854b8da

SHA1
4296f1dc9dcd937a264b7f8875bea10672aa5c35

SHA256
01c7cd3787f8915ea6a5af8514acbdf3a599a4f8021e8eaf698a2b6ce5bec475

SHA512
b5b1760367b6959ba19139ef5ac2b8ded6149a0fc703a8c532bed7d46fa3acc10add91e5ca304370058b33cc0ae215fc37d3ee7d9bb963a633b25371e627181e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\prefs.js

Filesize
10KB

MD5
379c3553b8dfe2fcc1937025b7e708bc

SHA1
e6c0870ada7fb52c4fd68d30ff0252af63585c6e

SHA256
bc2e3ffc79bae30935d28bd7986e523850eac35bf128e63dd3d034c00283a489

SHA512
04be7a795d42fddd648003cfab6c725c2db26c1a28cba5f72386e92d5aaf2d84272f81c66faf16d2d60c14262d48dd57cbbd24f26387c5fedac8c3d8c081e6af

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5vinb3pw.default-release\sessionCheckpoints.json.tmp

Filesize
288B

MD5
362985746d24dbb2b166089f30cd1bb7

SHA1
6520fc33381879a120165ede6a0f8aadf9013d3b

SHA256
b779351c8c6b04cf1d260c5e76fb4ecf4b74454cc6215a43ea15a223bf5bdd7e

SHA512
0e85cd132c895b3bffce653aeac0b5645e9d1200eb21e23f4e574b079821a44514c1d4b036d29a7d2ea500065c7131aef81cfc38ff1750dbb0e8e0c57fdc2a61

Download Submit
C:\Users\Admin\Downloads\nexus.zip

Filesize
369KB

MD5
a9bbfc89690d3095e180b07c6d1e367d

SHA1
e05cfdcb8701c3d9e3840aecdd77516572bc0278

SHA256
a66f58a10ae4cf981749ae70edfbe2759c93eb6eedeaa332c8dfafc3c89e8d53

SHA512
4d8358b3b4ed88db446d819d2e74fed91f51b68f9d9b2d8c63b1e0a1d223b6e044030eb4d5824c1fc8d4cd05ad05c1e684b05623485383d5866593989436d3a9

Download Submit
C:\Users\Admin\Downloads\nexus.zip:Zone.Identifier

Filesize
52B

MD5
dfcb8dc1e74a5f6f8845bcdf1e3dee6c

SHA1
ba515dc430c8634db4900a72e99d76135145d154

SHA256
161510bd3ea26ff17303de536054637ef1de87a9bd6966134e85d47fc4448b67

SHA512
c0eff5861c2df0828f1c1526536ec6a5a2e625a60ab75e7051a54e6575460c3af93d1452e75ca9a2110f38a84696c7e0e1e44fb13daa630ffcdda83db08ff78d

Download Submit