f492ceacac92bbf1a89d859b308a48e0216a9ace43c206a0ef35f7827e46b6cd

Analysis

max time kernel
146s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
26/08/2024, 07:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c29267c9117505ddd12f5bdaebaa8fd2_JaffaCakes118.html
Size

180KB
MD5

c29267c9117505ddd12f5bdaebaa8fd2
SHA1

13d74f7be2314ec2ac67005955269dfa22f772f5
SHA256

f492ceacac92bbf1a89d859b308a48e0216a9ace43c206a0ef35f7827e46b6cd
SHA512

97a8287d856ea047841b478da3e1cbbfb9faa44521543062ae6f1307785fb5bada6b0e2d0fdfd20474ec37eac5a6982b0b718f7934fc614de185c7094ccbbc84
SSDEEP

3072:M5dWdc1mZbXbSbsoIcag+mA9gTDI3sdI67im8kcuQj5Bn+UM5hth8ZG68+Ffmdba:NdUmZbXbSbsoIcag+mA9gTDIsdH1cuQZ

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 7 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe\Children	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\DisplayName = "Chrome Sandbox"	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Moniker = "cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Children	msedge.exe

Suspicious behavior: EnumeratesProcesses 11 IoCs

pid	Process
1876	msedge.exe
1876	msedge.exe
1960	msedge.exe
1960	msedge.exe
5732	msedge.exe
5312	identity_helper.exe
5312	identity_helper.exe
5924	msedge.exe
5924	msedge.exe
5924	msedge.exe
5924	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2928	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2928	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe
1960	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1960 wrote to memory of 4164	1960	msedge.exe	84
PID 1960 wrote to memory of 4164	1960	msedge.exe	84
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1572	1960	msedge.exe	85
PID 1960 wrote to memory of 1876	1960	msedge.exe	86
PID 1960 wrote to memory of 1876	1960	msedge.exe	86
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87
PID 1960 wrote to memory of 4232	1960	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c29267c9117505ddd12f5bdaebaa8fd2_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbf8ae46f8,0x7ffbf8ae4708,0x7ffbf8ae4718
  2⤵
  PID:4164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2280 /prefetch:2
  2⤵
  PID:1572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2780 /prefetch:8
  2⤵
  PID:4232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:1800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:5088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1
  2⤵
  PID:4764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3728 /prefetch:1
  2⤵
  PID:2564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3720 /prefetch:1
  2⤵
  PID:3048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:4112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3584 /prefetch:1
  2⤵
  PID:1924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:4012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1
  2⤵
  PID:2780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5704 /prefetch:8
  2⤵
  PID:1956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=6744 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.CdmService --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --service-sandbox-type=cdm --mojo-platform-channel-handle=7376 /prefetch:8
  2⤵
  PID:5944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7660 /prefetch:1
  2⤵
  PID:5604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7688 /prefetch:1
  2⤵
  PID:5640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8180 /prefetch:1
  2⤵
  PID:5172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7904 /prefetch:1
  2⤵
  PID:5168
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8224 /prefetch:8
  2⤵
  PID:5924
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8224 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,6084728825598372123,12944167895908950726,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7868 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5924

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3496

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3016

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4620

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x33c 0x484
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2928

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
328B

MD5
1b084eb458c81b995c87c7dbfe30a1da

SHA1
8f97ad22cd0020a8c9de538efdb17b609b4436fd

SHA256
b335637369944d4ced3d8ef81486a53e1f05ce7dbaa186672f3260f70c537c22

SHA512
f507b2cbb564a70d73911a97e9ab766e477495b02ae04f8251e130b8b3da70898101a54c348c85efe8c9729f3adab63fbeb95c7fbc121c3500d494979480ea06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecf7ca53c80b5245e35839009d12f866

SHA1
a7af77cf31d410708ebd35a232a80bddfb0615bb

SHA256
882a513b71b26210ff251769b82b2c5d59a932f96d9ce606ca2fab6530a13687

SHA512
706722bd22ce27d854036b1b16e6a3cdb36284b66edc76238a79c2e11cee7d1307b121c898ad832eb1af73e4f08d991d64dc0bff529896ffb4ebe9b3dc381696

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dd2754d1bea40445984d65abee82b21

SHA1
4b6a5658bae9a784a370a115fbb4a12e92bd3390

SHA256
183b8e82a0deaa83d04736553671cedb738adc909f483b3c5f822a0e6be7477d

SHA512
92d44ee372ad33f892b921efa6cabc78e91025e89f05a22830763217826fa98d51d55711f85c8970ac58abf9adc6c85cc40878032cd6d2589ab226cd099f99e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
20KB

MD5
fb6e6131c19c9bb8deeca1ffe5c5674b

SHA1
0daea417987257b8d807e92b9b61a567e5a2f4e3

SHA256
1a9381ed1c1663de3b13d144eb8f06b680836b376dba821550de688cf041c8ee

SHA512
3621d963eeb2f33952041e64f3679d779b8c05bac00238d104bc66f2d5a12033346c037a0af8962f050e9e00ac3460d171c883e8251d3598cbec973b448fdce7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
97KB

MD5
a765426b87c443b61b2d36eba26bdd0f

SHA1
9440165d41b2449bbe48fdfa2219e18ea24dde70

SHA256
1b1db5aa359c45a233bb500e491a8f2fc76af9073eec666872648aa7012ade66

SHA512
f10f99e3e9bbd2c054503e993f47f504e783a6adafec6b530c43aa976de7c68ff30ea79a7a78a7b9c208542f5f0e7e5daf479b4013861da7d7ed7014175aad03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

Filesize
44KB

MD5
18a7a919b8e43316c2a74e426cd58407

SHA1
4be230b1197139624c58085c60c6eadfcdae3f05

SHA256
a778d7ba869a48c726d1a5fcb9a44f0d23023ca371ba626debe27913e8f4ff9a

SHA512
7df94dceeda7bd35e308fae4142d6692a6039a02b85a6a78fcea646e0c9cb56fc96b111e398bafafba76957f9ed9538cbf1e60b4e28512823ac1794963779cd1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

Filesize
36KB

MD5
a8f1271abc40b833bd564c9653565f28

SHA1
a2d16b3d167f3161312ed337edb1172a6f3cd097

SHA256
e568a1fae7a153a7a84da4e05fca5adc295a05390b30bdf57270c8966152be6e

SHA512
bcd00ef05d6fcba670b6a9722210247d22f0e2d04713eeb21e871fb88fa6cf8ac83c1b48ef424a7b06ebcde2e507dda878f31cd2312f5db74cf76984a2e8fb2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

Filesize
127KB

MD5
936241acb23c8eec0f928867adb141db

SHA1
be7ac78ade07f6b41f03a976b6c33838e46ee5e7

SHA256
4055441d4221c8d3727f8ca9e39e9560c5a9fbe00b9efaa7e42bc4a98ed39d9f

SHA512
7aa8736ab8d7b21c39a5d613021f0f46b0cd6fb67872ab4bb3fc2ae801417ee61631454b7afe85268c3b8a6eb3141676cae3b03129ba16c7ae05c77871f30b4c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

Filesize
98KB

MD5
2a81340e88bf3d56dc993cad21d5b25b

SHA1
aeeb2e7f0239b8866b7b69e40877ee74e7841528

SHA256
0b5625b1cb102ca568f942df015f2b698fb49e32ce57246f7684a1f6219e5a43

SHA512
b91fedd6eab08fd70ad05d7f6b2c955cc18716b3b86c0d4625ea2080c38014e03350775d774da6eaff044ae1984c64f1d6facca00bf026c76542433561446152

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

Filesize
102KB

MD5
209b3c9a439df444f0b3fd20b89287f9

SHA1
8b6388d74b9275efec9bdc87a4ecadf1d50064f5

SHA256
d58722d660eb7410eeb82af732f0586ce3a7d40d69e31d6a0baa3364beb3e34b

SHA512
b8e0dfdc7dbe546e5f20eb0c7728e199421efb46915f55a6280c0cc8799d6a9c6077a0fcc0ee854e982320b4451d03b118613a9a717d0cc85a141ef552411c48

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

Filesize
33KB

MD5
2c0c65717e97efe5d968120c4a2642b0

SHA1
659a6586bf1105d0404301f2aacd1c7a42f7eb90

SHA256
372c63aa7d845cd96046b1fa719751ca6f157ffe558706a029c196a7527f20ff

SHA512
145ea98ff912ddad4e8581b7787963ea710f682ace424320d6ea31647cd396e7d9f8c32626489c17a14fc2fc57af847768c64475a1b055b38cc6d6407218f24a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f

Filesize
32KB

MD5
18498918cdc6cc1ebf10f758ce58c4d4

SHA1
3611ee09865788666944bbafe0ef23ef59c8c3dc

SHA256
95b031d8acedc217e97ebec00988dbdc2fa33c89b4881a8c5afc761f47349243

SHA512
457f8166a0677dbf0cbb109f28d01f21191675eb1a1aae204d3cc65b2924ac2157848bd29c58848e5d0924d3e0409f0e51b93024d7c97ec4004b9d870e4b1920

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a

Filesize
20KB

MD5
e922f99ffe1e8eb6ff6c80c8c2582339

SHA1
a737e6dbe5bd43874b6b49a8ac947b36f406d47c

SHA256
fdbbab8f74ff0685ddbae8725bb34b645af31f70da755eee412e6c64d78627eb

SHA512
211182d1b99db02f0bb92786d57bc1cc8db182b4d56b5493c26059cdbb651fbf59a4ae0e9c712bf80ab94396e42c0ddd75ac52dc02422668b3525bc7d1625ce4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000070

Filesize
28KB

MD5
757bf8221f08924f295dd5639d6f8785

SHA1
b67d9b6e1eb2d279a17b3f6cb0e3685180544c2c

SHA256
377e80c849c985b88fe2d212574fcbfea3fe4bbae233dd15145c27c2d454c18b

SHA512
3bf54d4b9121fa975e278f18df5b66f8e91f804189acb20d5e81dc8a114f3b65dda8a1945e4ffad6e353906536a9c3755ef13e485bba4a04d4e3c074ff2177b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000071

Filesize
54KB

MD5
d0c83a28f049e847d41cbbcafa002a84

SHA1
dc196e89db385633acae18a38d34fead20965147

SHA256
248e8f5541d0e3d2af4cba920b3ffd6c9035bb9cf5cc2320cb8a9697331ce4c1

SHA512
0aaa697d2b269a6a93e148ddf26997d6525ab468977bba3df5526c99051ee69e769624aa851e62a6588800bdf293969c897b61c934936fc39397d8bf4cd3787e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000075

Filesize
683KB

MD5
b64d923b3573fe2df893d6d5f549d079

SHA1
bddf64ea2e8d20d70838d84d179806c1e5e8294d

SHA256
45ad510ff2452d581cbf10d9e5e622c8470d5a614b692ddd425d9b9bf55af75d

SHA512
7c47729b7a02213cd1db6dc3613e0caf761cd91a26e13fbafff456d22db2cbb0b401d4b70e79bdb45d0497e081eb0a012e0f5a4a6bf50c99202b71d6067e0c92

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06dc9c6bc92ebef1_0

Filesize
235B

MD5
d4fdbfc00ec0f31bb1170dd4223d584c

SHA1
fc88cd92875f9d053b882612937483ae11c0adbe

SHA256
2185c3f1ecc29f5f9625ff583defd2d23f8123654e89b007b43247385e48cf3a

SHA512
dbe6a7ad6ddb98e1989becfd5682a2228df24181556c8dd8792542fc68c7a31e0a0f29c21a1643975f51c76d68a1ad37a87e4bf5b1a8006f571e8dfcfff83ae3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06dc9c6bc92ebef1_0

Filesize
235B

MD5
a4c5b2219fd3843f8ff451da446752d9

SHA1
1c2a9c40622bc7b7ecc799f18af85d2fed534f39

SHA256
14847f7127e08616416332e239b4c02a033b6997657324256299620194aca572

SHA512
114fad652c9d1e57b83b7b1113bc8dfb0d9fcb9fc80fdc82faf7a3057ef871c1bc0c681246fff2061ad652ad845ebaa1ba752bc49cede99113b771de4ab0e967

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06dc9c6bc92ebef1_0

Filesize
44KB

MD5
30b6c6912a98fe4f2e36903a97647438

SHA1
09759f183222ae35bb959fb9f9c73606424300c1

SHA256
aa5a6928383d376173d2726aa95946307e20e3cc2d190b06ffcc9cfc6989db24

SHA512
c8adcb5e10be56af77382002685e16c52364b2438d68cff5eb24efbffd8bcc6436babd0c33e9e754cfdc599b598d27f20f6ee6c9c9762abef4878fbe5f44ff6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0b6e1f9ee7fd0caa_0

Filesize
36KB

MD5
0ceb94a6c7441c44252b61a699b24194

SHA1
4f972288db9bb7f8b36bc0d244306f5512d9a58b

SHA256
b0ed54106d4702cf08e774048367a194d2e47f9b926df714eecd093541baf8a3

SHA512
c1b6085905817839c37104819ea102d1eb657674893dbc143371d5206483f08c2ab845ec01c0e03f0a0fdbe1a80ef15196d485003742f2dd3d78509697e63474

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\132d23b4aa49a4cf_0

Filesize
120KB

MD5
afcaaeda32e06c1c2097d69524f769f1

SHA1
da972a53b9149074d967c57ae2955480cf927f9a

SHA256
1b805880e15ed8a3a02976a3ba5dba3bffb10e7499b612574768fe53b42529a0

SHA512
1e495f41bef99c85fa2a6df0efd63fe5cf6fefcd7f6237d48fd7270addf63c1fdd5d5cbfa77ebaf6ef3b826e92113bbdb5e3b817c1b01003597c66d8a896d8cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ea8d683dc6d4403_0

Filesize
309KB

MD5
0737c266b5df05db7f49bd1073c354b4

SHA1
2112ddac5e25c7a61afedc5e3341c1465ccbad58

SHA256
4c4329dd5a1d71609ce0af813a0bf530d3a907552668998b7a22da8e51f59393

SHA512
832abd46a9cad8716e03345f2611f42fe13f4b48b1b9388d6ec4cb25227f646ac6d3f26bc97f91a3b93b811be83ee28c7885bed7fba37c8282ad3159ce9aa460

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\24ca56746409bcc7_0

Filesize
317KB

MD5
f3b234108911bf3374647670cecb65fe

SHA1
eab3e4249278cee6ef44a9674ed227080de16627

SHA256
f14cd8a88bb1b2f725774f3f285f74037a5143c750eab986d606131cfdae8920

SHA512
3e8fd5ca6af2af3ff98a409db1dee6a914e948cd128f39842a98023a375ea27a43fd524f4f37f1ae59a2d18df6d137dfaa75702cc202b2e9d15de97fdbb85f19

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\29f12011228b3ed9_0

Filesize
283B

MD5
c4f18d5666d6437ece0b75ac37426782

SHA1
69c654fad1c215e7d798c7f8ede0fc107a19c8cf

SHA256
c2457a64dd6c62501125047fda8c8ff0a087be7f1af214e1a5353e26e8d624bd

SHA512
47cb7766fb9fcd98a30d6d8bd8e061627789c49aa1ef6b9aa4f57f70f3b0bcd4be9d89f7368fabca67f82c018c1c345996deb6e4dd61b49ab5ad80a99226ab44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\319eed3fb0522673_0

Filesize
287B

MD5
aab02fa582f4cc66b9d7e41a578aa703

SHA1
01c2149e36387f95ceed658fe5eb0897c02a78c8

SHA256
7649c219616e34504b88472d0f1ab9f87bb1b3693226419447f04757fbff428e

SHA512
a29efff871f72f41a9bc994631118e02cec69e4e908fd0aabde916a8cd52c2e6c0a90920643ba3bc6f0dfcd02199499cbd0a4c27c4f237c764c7c2e225d9fe33

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\335e69ddec2b9ac6_0

Filesize
212B

MD5
55fd9b8ec8a9c4e10b0e6034700fae3f

SHA1
f50f7e2bcc8a0264ba6ed40a07a4feef8132aefb

SHA256
34860bc46c731bc6fd98c6a31593d3fcbe46abe7c75d2b9e91b8ade8c5df39f8

SHA512
6b62521ada440e41a7fc3e699a7fbd25f6f7f49150a08c419c4c1b26bb4ffdb61293528d28c98b5f70b494ea2c616b691d2fe74573538dc404e392e3b8c816b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\335e69ddec2b9ac6_0

Filesize
212B

MD5
8a96c57309214f246a66880e4bb4bfae

SHA1
d17067b38ad570cdeeeec4b8055fd03188bbbbdf

SHA256
ab2604bc4be63451adc991ba9b5bd897348cc8be10beecea1e98a68827689574

SHA512
4aab6fabeb82d5a202f1515de46148c647d4d84fbc36cd37017dc8e67f8d209219a5619188dd29357b7e15fcffa522523b25a872425fb16c05a6e9bdd71b74a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\40c8b5d4c37224a1_0

Filesize
288B

MD5
e4672755d98ad8acfec59fac79747ebe

SHA1
3165760b8aac811d1f2d2492f8abe6abfbd0e002

SHA256
31350efd07e6c845e545b360d7e3efac707fba8eab036a35d0e99225bdf33c9d

SHA512
e40ab30cf35451581eb5440e83b352c59a138fede72b4cb2f07b1314dc5beb4c7856188ef8a48a42160ca7eedd1452ae7c33e31656488f597f04ada8f511d12f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5261f547b8a9ecd8_0

Filesize
235B

MD5
6298a28d73afff2563dd64361b0d3728

SHA1
b31ee94a25cb07f2b1b8a2a535cced6431608852

SHA256
694bcf4d719befe18e7c2975dd1b57b49dec177cdf66a8cd9a904db6c97ea2cb

SHA512
8390e727c287b031ae36a8bfc40bb06e1546f0f32e3e55a349cd257743425da086103da96d07f807be1e4aea913aea67fbaa7d1436bd264be6227272095c5214

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5261f547b8a9ecd8_0

Filesize
283B

MD5
5be3cd6faa090ad02c126eae22ec9c2d

SHA1
6bb1ee563fce255fd08704f77799cd284133e436

SHA256
03b7436f388307b251d4eda2bf258610947f4bfe7125e90c47ae6a64a0a0901e

SHA512
ca7278a4508bca230b10dac4139f5716bcf4a511294a764de0782ed932186acabc5c9d417e0da8ff4130b8245aec6d3d016dcd40629e0e9aae167ed8aebcfb7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\57c840672b46ea0b_0

Filesize
289B

MD5
4c2eaad8ea6f431c54e4f5da3effb31e

SHA1
2c1cda1714c509ee32425177539892505d842a01

SHA256
8c270fd451ae6237074453705ba1aad1a0b66e9d85f3c31b8b7408ea3a8a86bd

SHA512
4f553ffa46d6a8ff96c5b1e015729e9e27c7b12fb0a785832de985faeb10aeae475101d4d1963757a3a43c82ce502dd14a9b7b3f7a71c93486bb78af5ad60afd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5fdf98a3e60c77f2_0

Filesize
232B

MD5
6e5d7b179e93cd20caa06f1f52496fc4

SHA1
80c0499f193c084568820f86e1fe5df658e7efef

SHA256
68cac98c8def991c7ab66461d875b3d4d6628016b76c79d925f738f8aec06ccc

SHA512
85e51b822731305c09cb6479977376cfd91c8d4c13b28d0755ac674e894b8fa13b83dea2226a77c1b6ae78a49b095911f8c0dfbe4c58196c0a4cbde5fd701044

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7b9e07ee42efc2a9_0

Filesize
159KB

MD5
d5bd8fc1f4159237f1e1b379d598db81

SHA1
97203eaa6f6b6f52f88d7e1dad8aec7d66ff7a50

SHA256
450dcabf173661691786867c2fc1a42a9b2093524e7ea813d12a65e8d923445c

SHA512
dfc7b6afe5e14aa6def46ba24731831f0c42e626455aaa0272a430684f81c209d6d4d34b009308ec8dfb53ed6af9868e25de7836fba2a312519237b8e8868a8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9628e94776c95f0a_0

Filesize
235B

MD5
5878fdba6f694e763e8f4fa3874fb5e6

SHA1
0ef5a7c6c29bd4e22eac7ba93b1477bae53d5c8c

SHA256
f061b4a3b42b89985ff8c1efe638e401804f9afe88d18c88f99826ddaa4ef85f

SHA512
7e654b6e0bdbcf474956618f7342893d86ae3f918955ad46a552ce0e2106540292f08dac6c1942b1818ffe44bf621369faa9ca04b5fb187a411a594be5d305b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9628e94776c95f0a_0

Filesize
283B

MD5
f2c6fa74b86524d3c4c82e76ba2a504c

SHA1
fe6b8959b54d5b327601618784149e9f11e2649f

SHA256
401f59032e42cf1ad44c33e37b771c9180407c9ea4ce10831245ded42770a94a

SHA512
9949c6f5b1cba1a5e764456d01cc99eae98f454e7f965421fecc90931e723a34e51bfac03456c27c634155e52df9f826e0787725a157d57a54b035e1ff8a3609

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\98d84956642274da_0

Filesize
247B

MD5
50860e77aac113b5dc3462f1cc97096d

SHA1
5281416c3df505fb67dd97c97243038f5fa7bb26

SHA256
ee135d5249cc3a41c8024a232de61a98e13c57c1c604e08772ad0e6958285888

SHA512
7d6728b25c47390d077e8473eb1bf93292628660768b94c9789f2d2dc4d4bcaf76c5aa56cd0eba2ae428fe1ea1f6bbde89d6c804ffa8c4c668697023414285d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\98d84956642274da_0

Filesize
19KB

MD5
7b767c7993ed5702ad7b8a40e8560743

SHA1
54f93a8b3db6d5a677079c1f0f89656f52817ada

SHA256
dec1356fb3eb04b1942a17bff8a05597790a80f2f639d3c136910b38839aa4a6

SHA512
ac906d930f256b02bef0443cf5d8e44ae961d10da162b0d9ef35873da58495c509db493f072b53908c45fa6f9fa480fcaa55480957929b01c799fd7ddfed4b0a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9bade22fa1f38809_0

Filesize
534KB

MD5
212c730781b95db6d7cb5255d10c0bac

SHA1
ecaa8e3bbf3876b1107bbe46e1aae616f914e5a2

SHA256
2ecafb0f5f37aec6240d8c2fffd50ea50b86fe0d750a9946a701c9d59ef5f703

SHA512
8339fd6d6eed21c74b515f529f6e33a3d3d599bf52434332f3b3eca69ff0e9853599124653b931de34082c4a7e1a3475ce12526cc1b0da8d7767c994c3a386b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a4d44af77c71ef92_0

Filesize
233B

MD5
4d8247d018f6acf77ef18c870c8d4cce

SHA1
2c04cb604c94027e232c740e035e99c9caa813f6

SHA256
0a699f528adc9ef8e5eaa97de76c695d7e7abcf8fda80c4ef1ca6d844315c9c5

SHA512
a532c270b38976a0d301a30f782de59499216dee1920d70eb20320fb0063002486c7488a9d0d6512ddee2f1eb2a83b730c3a135a266fd3903df4d8e92dc1a2cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a4d44af77c71ef92_0

Filesize
281B

MD5
b92430f82004aa51982a5069dc94016d

SHA1
d4aa442a541d09f8d913cf3ba9b099a6f1d1ca4a

SHA256
22bdc57f8e0b02ca476953f854fe12fe42b77d587cf5b93b0466f42cbb840e82

SHA512
b1fd7a3090ebdb2c5d66fdb7818585c5a1ceb070edbd00264d84924b8ee13f21179b1689edba13d516acaf3b67a6a20fee4d6c941b01d8aafb7feb9e2255a213

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b2e263ac296606fb_0

Filesize
101KB

MD5
978ae76637f0514bc9ce1b7247ce0259

SHA1
66adfab10250530cf9a0823e5213c18b69278290

SHA256
6a88f48f5b423b7e8a0683490d8efb95f05c15d5225b9ef90ea1263e518309df

SHA512
b6bb41d612f3a7e7fab8a55e26dcd9deda7bfef2fe111e96999b7fe87cb405edfed2955239712f0703617cd0d3be9610261f12212045c2f04d4ffc7119db5658

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b5ff5e7f7fb2be46_0

Filesize
218KB

MD5
e82bba63d67053c03268c2e9ff731fa8

SHA1
56f6b1c37de9c8514c7bf8eeb0a8119d2470687e

SHA256
75fb078b4053e1499c18d3b7bdc10e5cb04841209a62a9cfc91579161bb694bd

SHA512
86889707328f0289303e2c4997bbb80ad6da485fe1fcd55754c9515570537cf98b1fa87472567fa0dd9c8321d29e970810f9fe7fb239733008de900e4b6d091d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c074470f27576560_0

Filesize
376KB

MD5
a2682dc84b509316eefa30a6985c67a4

SHA1
4c9d2c5200ba53b42600152d817ec22500a0c082

SHA256
99ac4d3eda9a21c7849ad17b425a50cc6cee1a6e97e1a9a4b4d3805a64de7e65

SHA512
33236ff40561e38d36e25007865029307eed378e13f676e3931fe07637b30992097c0c828ebaf63eacabbafbcc01a63f963e55f4cdb8187706b474e658530379

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c4bd4b19b8d9fcf2_0

Filesize
12KB

MD5
7312062e6fafa5f6cd1990d8aa2cc7d8

SHA1
d2ae6e77bcd1d5c6b565801311ce528ddf792403

SHA256
16a802a4b4423b3efad3e0aa962db43a1e35326ab434c24316eec4d206552248

SHA512
1ed4e590f34cf6363b77001403b3758d05371f1c85fec39fdad3c49961af69e01c948829d909a30583aa093ed73c0cbd1b300220e171a741162b227ab5639a0a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d6692ef8a47b2b10_0

Filesize
291B

MD5
4a9b7e5d853e98c6732e59a9e471158d

SHA1
674dc577f726bdf6c952128f3d3db826915a1f78

SHA256
8defadaa4c2de8e82bec2d0d8044a558034a5f45de780ae17917437eae9ae516

SHA512
e38b98bc7d2032c38e84f47ba304c6730edb6d8038d075ae7606a5a0c543e6b18cf7a650e6d8de1912b4fc07710ee01707371009d9fbd1a71099ba2a79f3acb4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d6692ef8a47b2b10_0

Filesize
291B

MD5
ce28b21c687d289fcb26c20e8552a590

SHA1
1a32db9b48ab194bbb75997175d3ea94d70d8668

SHA256
1b5dac03d46136e679f9b545d1fba94f3291eabe7c6a16a121ff8611d6210883

SHA512
2c25ae068ba6c9f62373a3fc6a58f591455dd3e9d5968491b627f7bedf02942ad98f25ed2456224893921fa323472daec062b89f937baeeb27aae17cc354ff38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ddffc325ca028b23_0

Filesize
73KB

MD5
1b2980ec94001e9f897fcb04a29e493c

SHA1
ba2e187b88720043189095c6eaa4f1da1dea6553

SHA256
a94c4a268d180761908aea3254f84cd1a07140215f47b9a6002f86b81b541200

SHA512
e584b4e0d99c59b7fa089004599ff8368eab50e448b76e63c06917582b93da83f19a15bbba368c2f869f9405d453db5d9e7c2b15e9b459892c570cbbdc880d67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e22819b63dc32694_0

Filesize
283B

MD5
dbdfb974341f729f7e336a5dd92f057f

SHA1
7070f88559f659afafbb7ef48617230b7e2822e0

SHA256
05ee459f0213834a522f31c8424499fe069e925047004efa62a0cc25786add68

SHA512
81c56a8e38d663889d6e07f2735fa198d896797e24116297eb9f79a745658fb3450d6352f6ba339786a541bbeb893ae1f9f2efdf1f1caa604c4f036bdb228707

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e9545717e6d151d2_0

Filesize
62KB

MD5
5d5cd7ec7fc981139d1f4e16462d9ded

SHA1
194599d5d742cf744d7524ba91ed8f751ef7e45b

SHA256
4c21f92a8edbc86f751d5432b0a13c7a00090ed7afb9970ffeb6cc0c8026608a

SHA512
043eebb94318bed8bc78d783ab2df57d3cc56c005ce29bb11a887ccdfe76b98efbf2e6830053636eb2476abca9f52791ad360a937c4e0f1772667fc3ef68db89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f4e608f0fb878720_0

Filesize
151KB

MD5
81a7709eee706116725adabbe3667f76

SHA1
9d33033cca2d22a39de2854c2cbab1bde4235f2e

SHA256
7c71e1bddd63434d5e42b3fafe79e8f1d5b29c9042c5c7ac2e0432860d7c510c

SHA512
3bdb95e5a03682c3fc5b6a147ee66762a8b834a0d7cd7c507535f9eef59d8c4fbe1b8b217c3a596de1435161f000c1795510195ac5f1ed7ed5f5c072c0bb8006

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
7a10376f44f11b2e8fa2e1215785bae7

SHA1
a3c3115e3dada72903fe7e0ee6456bf98a9a06b5

SHA256
13a64ba92e555057300ef4c0248442100e93ca77bbe26a5a45adb25a50164baf

SHA512
0d7f4279174e90df1ec9628aedf5671d47aed0aca85c120244df750723c15cc0f05ccdf2e618b54a6851f32f9d65f4e9350b64b7017b81de94fb2a56b002d40e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
6KB

MD5
1dde8225db1baae71ed8be8fe8354d79

SHA1
475dce738dfd500ed019351b6cccaab6cbc759c4

SHA256
31e2ac3afd4dbfb56708bf0e7a73fa3f82d212313e02d884e7f389fc8ac94ca6

SHA512
d302a652b1e767a4acc83717795054c3a069f4b089884730ad45bd1c1799a60ec82662af32745aa20ee5b94b66aeb0c1c6baae745f433348e3c4809b156bee40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
6KB

MD5
b3216899c3d4840b0991af730a34e4fc

SHA1
fca9b36e7b3468a932d463a2942020b4a0a6821a

SHA256
8a902f13f5ecd9a0db365ead60c809e09d0ad97bdde08653872dec5d994b5aee

SHA512
628a16e564dbe870bf85cb889c570ff5956e5d8936b86dfb94113f9d42597fe8beec97fc2fadeb35c439b9ee22af8cae451d073d63b68aeca62daccbe91581e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b8036afb81643db88bfedeb26b6dd812

SHA1
f043b47610deb1819a689df3ba32026e56ac0dd8

SHA256
3e70af5b729af787f635f619cde17ff5c1d46c975ad8d7aeeeb4f9cd61048da4

SHA512
d15b3aa3799de8f65aa127551f72411b02c9a719ecd12300b071e674633369f58347447d47db4358fbb3318f2fe87073d87340e17cb6cc1ac36b08c933d9892d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
054b603d6d7b7d410eebf6a0f29d15df

SHA1
922262ca2dd2d615df3a9d93b96fee28d2385c5a

SHA256
dbca1ac1fd5871b3e57f725edff8e5ab540bfe1540a69344b2fab8feea7c7fb9

SHA512
3439e6e122e8ae310f00c2ec53c9e82d97cff0cb864d1c1f8336c0cadb948b41b7b018e9a38cd485a976d6d6aca362877be1a083d756c1616cecaeb3b00bb5b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
9f2c098e01abf991ec096a8a5bbda218

SHA1
042275d829956a66cb466e293d5f6180f4b03ba2

SHA256
652f7d04d251c368c9e7d194183fe6c18b5c35bce7f187806f6292b2bc95afe6

SHA512
4cecf79d13227d8224544bfbb6c29a6d8e6db8854dd52e7d8ceb445b3b30c7c3dd22887e8e49d2fca54b0c4015214d30afac95c6444c61a22b697eb36123dc34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
7cf2fcb66ed3c1e61d248795876f37b0

SHA1
81287c45f073dd4f98edbf06f29569091fbaefea

SHA256
2a222a56fff664ace90fbac60cc8a39e8ac6442a14fed5d48170812ae0eb314f

SHA512
bd283c0fc49eb55fa1087d374acf4105ac2c2a701cd3259600e014bdb9f03a5ff3d81a6eb6214c26674446af5fea03671806a6648ba890aa8486912db78fdd90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
6d8d223ee107a76cc998919f2387897a

SHA1
b6a636ad2ff60fafcba9c09ada38ab9ca720711f

SHA256
7b1a88995f34a23c650490464ceec835e7b958df878091efc9db206b04e70757

SHA512
aa3fb41884af62abb8ace9be26dc14ca906001c271437db89be37cdf90fef52f5efd23c92c43cd11d61892632ae782af4a5a83b054c8c9a7637efba4e31d745c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580b65.TMP

Filesize
3KB

MD5
4b1d188b24889442402b195081612372

SHA1
0cec3bfa485288e79cdb9fd3663d1a561c1cfa27

SHA256
791be2fb0093e65db88fffebfd4fb4175ac5f91af2e690e3482ad31252777c90

SHA512
925e795208e6bccf9138058d67beee0855a9757151836c9a4798ca12c7c2dfb2206f6c92eb9ab847d4979f3b0bdbbd9fa79dd09572639b6bcaf6cc3077a31842

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
16e8243fbe3059d2b757cd0cecfbe5b8

SHA1
63fd0de1c76d2fe9c057c15e81d0652c53e7a814

SHA256
f574bd1df46b94575b93594a121f517fd13dc34393749d48df87e3124bde1486

SHA512
7b0e62856d9175ad7800c9079291e3c390af9894947a11bc9a49c2fc2b91448c3be979bae09fd53bf12ad1477ddefd73ac9a1b20d698acf0607fdd849a3d8d3d

Download Submit