Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    142s
  • max time network
    144s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    27/08/2024, 16:21

General

  • Target

    https://pastelink.net/93w7cbr2

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Looks up external IP address via web service 2 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs
  • Probable phishing domain 1 TTPs 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 12 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://pastelink.net/93w7cbr2
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffaa9b63cb8,0x7ffaa9b63cc8,0x7ffaa9b63cd8
      2⤵
        PID:4596
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
        2⤵
          PID:2024
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1056
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2748 /prefetch:8
          2⤵
            PID:4564
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1
            2⤵
              PID:2340
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
              2⤵
                PID:1980
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
                2⤵
                  PID:1204
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
                  2⤵
                    PID:4688
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
                    2⤵
                      PID:5048
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
                      2⤵
                        PID:4396
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1
                        2⤵
                          PID:4164
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6000 /prefetch:1
                          2⤵
                            PID:4264
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6008 /prefetch:1
                            2⤵
                              PID:1608
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1
                              2⤵
                                PID:2860
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1
                                2⤵
                                  PID:2332
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
                                  2⤵
                                    PID:2956
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6572 /prefetch:1
                                    2⤵
                                      PID:2284
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
                                      2⤵
                                        PID:3344
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6168 /prefetch:1
                                        2⤵
                                          PID:3764
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7332 /prefetch:1
                                          2⤵
                                            PID:2380
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7536 /prefetch:1
                                            2⤵
                                              PID:4328
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7576 /prefetch:1
                                              2⤵
                                                PID:5064
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7932 /prefetch:1
                                                2⤵
                                                  PID:5228
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7864 /prefetch:1
                                                  2⤵
                                                    PID:5236
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
                                                    2⤵
                                                      PID:5380
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8436 /prefetch:1
                                                      2⤵
                                                        PID:5448
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8580 /prefetch:1
                                                        2⤵
                                                          PID:5604
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7052 /prefetch:1
                                                          2⤵
                                                            PID:5892
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7512 /prefetch:1
                                                            2⤵
                                                              PID:5932
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7748 /prefetch:1
                                                              2⤵
                                                                PID:6000
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9056 /prefetch:1
                                                                2⤵
                                                                  PID:6008
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9184 /prefetch:1
                                                                  2⤵
                                                                    PID:5468
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6684 /prefetch:1
                                                                    2⤵
                                                                      PID:5856
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6708 /prefetch:8
                                                                      2⤵
                                                                      • Suspicious behavior: EnumeratesProcesses
                                                                      PID:5920
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10884 /prefetch:1
                                                                      2⤵
                                                                        PID:2948
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11224 /prefetch:8
                                                                        2⤵
                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                        PID:5680
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10376 /prefetch:1
                                                                        2⤵
                                                                          PID:5816
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
                                                                          2⤵
                                                                            PID:6116
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
                                                                            2⤵
                                                                              PID:6124
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
                                                                              2⤵
                                                                                PID:5712
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7760 /prefetch:1
                                                                                2⤵
                                                                                  PID:4324
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7456 /prefetch:1
                                                                                  2⤵
                                                                                    PID:2792
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10692 /prefetch:1
                                                                                    2⤵
                                                                                      PID:3936
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7684 /prefetch:1
                                                                                      2⤵
                                                                                        PID:5176
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2520 /prefetch:1
                                                                                        2⤵
                                                                                          PID:6100
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3180 /prefetch:1
                                                                                          2⤵
                                                                                            PID:696
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8564 /prefetch:1
                                                                                            2⤵
                                                                                              PID:5500
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3532 /prefetch:8
                                                                                              2⤵
                                                                                                PID:576
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7928 /prefetch:1
                                                                                                2⤵
                                                                                                  PID:4316
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10932 /prefetch:1
                                                                                                  2⤵
                                                                                                    PID:5696
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6944 /prefetch:1
                                                                                                    2⤵
                                                                                                      PID:5612
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3776 /prefetch:1
                                                                                                      2⤵
                                                                                                        PID:4124
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
                                                                                                        2⤵
                                                                                                          PID:1180
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6632 /prefetch:1
                                                                                                          2⤵
                                                                                                            PID:4520
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7928 /prefetch:1
                                                                                                            2⤵
                                                                                                              PID:3828
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10372 /prefetch:1
                                                                                                              2⤵
                                                                                                                PID:3608
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10924 /prefetch:1
                                                                                                                2⤵
                                                                                                                  PID:1756
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10112 /prefetch:1
                                                                                                                  2⤵
                                                                                                                    PID:5824
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8212 /prefetch:1
                                                                                                                    2⤵
                                                                                                                      PID:5524
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9728 /prefetch:1
                                                                                                                      2⤵
                                                                                                                        PID:5616
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1
                                                                                                                        2⤵
                                                                                                                          PID:5480
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7384 /prefetch:1
                                                                                                                          2⤵
                                                                                                                            PID:5320
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9960 /prefetch:1
                                                                                                                            2⤵
                                                                                                                              PID:104
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9600 /prefetch:1
                                                                                                                              2⤵
                                                                                                                                PID:5792
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9396 /prefetch:1
                                                                                                                                2⤵
                                                                                                                                  PID:6088
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9416 /prefetch:1
                                                                                                                                  2⤵
                                                                                                                                    PID:4480
                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7408 /prefetch:1
                                                                                                                                    2⤵
                                                                                                                                      PID:2364
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9172 /prefetch:1
                                                                                                                                      2⤵
                                                                                                                                        PID:1900
                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9304 /prefetch:1
                                                                                                                                        2⤵
                                                                                                                                          PID:5124
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10096 /prefetch:1
                                                                                                                                          2⤵
                                                                                                                                            PID:5572
                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9584 /prefetch:1
                                                                                                                                            2⤵
                                                                                                                                              PID:2068
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9816 /prefetch:1
                                                                                                                                              2⤵
                                                                                                                                                PID:2208
                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1020 /prefetch:2
                                                                                                                                                2⤵
                                                                                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                PID:5452
                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8864 /prefetch:1
                                                                                                                                                2⤵
                                                                                                                                                  PID:4648
                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10288 /prefetch:1
                                                                                                                                                  2⤵
                                                                                                                                                    PID:6084
                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10604 /prefetch:1
                                                                                                                                                    2⤵
                                                                                                                                                      PID:5540
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7228 /prefetch:1
                                                                                                                                                      2⤵
                                                                                                                                                        PID:4640
                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
                                                                                                                                                        2⤵
                                                                                                                                                          PID:5888
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11244 /prefetch:1
                                                                                                                                                          2⤵
                                                                                                                                                            PID:4204
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8640 /prefetch:1
                                                                                                                                                            2⤵
                                                                                                                                                              PID:2564
                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
                                                                                                                                                              2⤵
                                                                                                                                                                PID:4324
                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8436 /prefetch:1
                                                                                                                                                                2⤵
                                                                                                                                                                  PID:1928
                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
                                                                                                                                                                  2⤵
                                                                                                                                                                    PID:4400
                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,10880026585565203380,14944841921820339863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9544 /prefetch:1
                                                                                                                                                                    2⤵
                                                                                                                                                                      PID:5564
                                                                                                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                    1⤵
                                                                                                                                                                      PID:2564
                                                                                                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                      1⤵
                                                                                                                                                                        PID:1136

                                                                                                                                                                      Network

                                                                                                                                                                      MITRE ATT&CK Enterprise v15

                                                                                                                                                                      Replay Monitor

                                                                                                                                                                      Loading Replay Monitor...

                                                                                                                                                                      Downloads

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                        Filesize

                                                                                                                                                                        152B

                                                                                                                                                                        MD5

                                                                                                                                                                        026e0c65239e15ba609a874aeac2dc33

                                                                                                                                                                        SHA1

                                                                                                                                                                        a75e1622bc647ab73ab3bb2809872c2730dcf2df

                                                                                                                                                                        SHA256

                                                                                                                                                                        593f20dfb73d2b81a17bfcc1f246848080dfc96898a1a62c5ddca62105ed1292

                                                                                                                                                                        SHA512

                                                                                                                                                                        9fb7644c87bdd3430700f42137154069badbf2b7a67e5ac6c364382bca8cba95136d460f49279b346703d4b4fd81087e884822a01a2a38901568a3c3e3387569

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                        Filesize

                                                                                                                                                                        152B

                                                                                                                                                                        MD5

                                                                                                                                                                        228fefc98d7fb5b4e27c6abab1de7207

                                                                                                                                                                        SHA1

                                                                                                                                                                        ada493791316e154a906ec2c83c412adf3a7061a

                                                                                                                                                                        SHA256

                                                                                                                                                                        448d09169319374935a249b1fc76bcf2430b4e1436611f3c2f3331b6eafe55a2

                                                                                                                                                                        SHA512

                                                                                                                                                                        fa74f1cc5da8db978a7a5b8c9ebff3cd433660db7e91ce03c44a1d543dd667a51659ba79270d3d783d52b9e45d76d0f9467458df1482ded72ea79c873b2a5e56

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

                                                                                                                                                                        Filesize

                                                                                                                                                                        20KB

                                                                                                                                                                        MD5

                                                                                                                                                                        681684b98337ff2d590ec8145f8f95d4

                                                                                                                                                                        SHA1

                                                                                                                                                                        a3d12dd3e20be6520c06bda3c188ab58478370e6

                                                                                                                                                                        SHA256

                                                                                                                                                                        6ed6c1fd7cf2572a27b0de9b5797bda243394eef1cce39c5583b9aa8e9b6ca26

                                                                                                                                                                        SHA512

                                                                                                                                                                        0743b836ce01b920723eb59e79ceffe2a068ec1dfb55523ac7850ebd9c432788677f0327c9ce8b27aa60d9d8e9294b08bdda53c20651f38f1cb0be073a859a2c

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007e

                                                                                                                                                                        Filesize

                                                                                                                                                                        26KB

                                                                                                                                                                        MD5

                                                                                                                                                                        97a3bed6457d042c94c28ed74ec2d887

                                                                                                                                                                        SHA1

                                                                                                                                                                        02ce7a6171fb1261fde13a8c7cbb58992e9d5299

                                                                                                                                                                        SHA256

                                                                                                                                                                        ae56cf83207570afbb8a6ab7cbc4128b37f859cb6f55661e69e97a3314c02f67

                                                                                                                                                                        SHA512

                                                                                                                                                                        6c8cf955ec73ad9d97bbb36c7ce723bfa58c9aef849aa775ee64ce15afa70afb40e8cd45989dadec420d2e8edda9ec0f05cc76a0602df0b6c4e5d45de0f4ce7a

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                                                                        Filesize

                                                                                                                                                                        1KB

                                                                                                                                                                        MD5

                                                                                                                                                                        cc5efc25d0677ec1de1a951192c25214

                                                                                                                                                                        SHA1

                                                                                                                                                                        9f15ce4b0902e29a3853b53f8d6d4a9d637b9fda

                                                                                                                                                                        SHA256

                                                                                                                                                                        81c161e3d07830e6f4493b5ec876860fd3f17436c4c8ae3938832205386838e1

                                                                                                                                                                        SHA512

                                                                                                                                                                        f91a469d82a78546609df200df305c8886d615a7bf5aa056e90e5623e41d61451818033d8f3fcb5430a309b75dddfd002b887b79800ce5d89c9719e8764eb35e

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                                                                        Filesize

                                                                                                                                                                        11KB

                                                                                                                                                                        MD5

                                                                                                                                                                        101565657871c49e545e4cf8ca835796

                                                                                                                                                                        SHA1

                                                                                                                                                                        81ccc196143f96437dd75ec7b610d272abf3ff22

                                                                                                                                                                        SHA256

                                                                                                                                                                        b5bdf8d86504142b805919d550a817a65f23ac8e5634446a090851e11f5ba65b

                                                                                                                                                                        SHA512

                                                                                                                                                                        9171736b6526ce35e8b2f5eb57ce994ff1f04cace55e629090bd828d19b8b3e4ae024ee9b1481116839788dd34525fa0fcfb5e80043d363b9e2acc49159f03fd

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                                                                        Filesize

                                                                                                                                                                        13KB

                                                                                                                                                                        MD5

                                                                                                                                                                        6c0a727a529a3ff898d04409d00720a3

                                                                                                                                                                        SHA1

                                                                                                                                                                        38d4c237b7e4d22c12ab2b119677b0ef97bf53e8

                                                                                                                                                                        SHA256

                                                                                                                                                                        6a2f2de5d529f2f3eefa24f3e8709190f96d08bf98c97cf4f738acb8a2050145

                                                                                                                                                                        SHA512

                                                                                                                                                                        0e05e17dcf5795485e706b4368feefbb95bd365f45015f548c07c715de8a32a548ab609ad21ea6332abdf376ce09887d3237d2bb3bea52f919bef7648207da07

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                        Filesize

                                                                                                                                                                        5KB

                                                                                                                                                                        MD5

                                                                                                                                                                        b0aa46da94fed88ec19c8851a8ac1b8b

                                                                                                                                                                        SHA1

                                                                                                                                                                        3c9b1bc7f89b1c30f5dc0e7dd1529c113a15e2ab

                                                                                                                                                                        SHA256

                                                                                                                                                                        f0433bb278fe3d6a25be8f9d37fb974a4fc2b3357ac588549d992bc04a6bc5b2

                                                                                                                                                                        SHA512

                                                                                                                                                                        90bd17eb2ffbd208429eeb5f1362dad027afb3bad78bda97c98e62e1c390c1ed6df252fe3e08e223b5aaef0cd2e6e1343ee82e487e2e166e7eaedf239724a6b8

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                        Filesize

                                                                                                                                                                        14KB

                                                                                                                                                                        MD5

                                                                                                                                                                        1d7ab9dab9ed3ab08b7f25de0b5f0567

                                                                                                                                                                        SHA1

                                                                                                                                                                        3e4fc8431fd36aba6c5f219a5760953e61b01e0a

                                                                                                                                                                        SHA256

                                                                                                                                                                        2690466d5bd3b915a2dddb5f4cef5e23c3c5f09bb4db6db29b57864af2608e6b

                                                                                                                                                                        SHA512

                                                                                                                                                                        046e77e1e212aceae96cb9e643ef05fa360c8e810d8d26beeb48ea7fa04b2244d51a644cd7c38df249411b16c58650901a799bf6ef6c4a74892405fd6161c455

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                        Filesize

                                                                                                                                                                        15KB

                                                                                                                                                                        MD5

                                                                                                                                                                        fa28015d7943bffea62d76cdff789439

                                                                                                                                                                        SHA1

                                                                                                                                                                        6bb38a9ba28bc8b849f067bd04bcaca1c9e47c58

                                                                                                                                                                        SHA256

                                                                                                                                                                        8de19bfe205897b8066dfac8cab945a9070d932429198085485e1a9535970de0

                                                                                                                                                                        SHA512

                                                                                                                                                                        17e405cfbc2fa1d7fa6a03f6ae046edf6b23ff5c75233009ad1b6942405d33b0c2d06945b43cf6a709ddcbd29df2cb86dc26362753169a1ed24cdad4431fb16c

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                        Filesize

                                                                                                                                                                        15KB

                                                                                                                                                                        MD5

                                                                                                                                                                        50363d9830fb9002299711f12763a9bf

                                                                                                                                                                        SHA1

                                                                                                                                                                        d662845c04c2f9edfd3c33a7101ddadb3657359c

                                                                                                                                                                        SHA256

                                                                                                                                                                        e210f4f5eda1f2108081f4929064a80334a7a5b5d52e908cd8209238d2fc802b

                                                                                                                                                                        SHA512

                                                                                                                                                                        6b4ad1977272a64f8cd6e64c1817999c7673fdcb4d6b8fadd16db2ae07ad8107617a047a9f3abe56f51e03a143d395a43f92c34be1514c3372b00b19b5e525ed

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                        Filesize

                                                                                                                                                                        11KB

                                                                                                                                                                        MD5

                                                                                                                                                                        e8feed04abb08bf95e44508fdd6c347a

                                                                                                                                                                        SHA1

                                                                                                                                                                        943d062622c42480737fea575e20b660058138db

                                                                                                                                                                        SHA256

                                                                                                                                                                        5d2d8293e573af9179cd623c052c91d54928b887552efcfdc44540996472d981

                                                                                                                                                                        SHA512

                                                                                                                                                                        16425324de2e5e810f19c2b36c6ae931e253686462038fed4070e6eded3fe16dbb941a27e4d1d8431971a5b092255a867ac645f46792599d789bcb0a0a0ff698

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                        Filesize

                                                                                                                                                                        15KB

                                                                                                                                                                        MD5

                                                                                                                                                                        69ed3fee6a08cee745e787e492160957

                                                                                                                                                                        SHA1

                                                                                                                                                                        8f838cedf6fe188253da50b80b9aca38e942219d

                                                                                                                                                                        SHA256

                                                                                                                                                                        714bc66dc688c410292d2773d187b000978e597cb6d614aa001d01150ccc4887

                                                                                                                                                                        SHA512

                                                                                                                                                                        1d41c4a989382cd810ac05a982598dac795ca91a9f01271333c3266b4350b5da36a62e734f8ff7f994529b777a7288b0cb19908faf4ac512d7f0b264ad21068d

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                        Filesize

                                                                                                                                                                        16KB

                                                                                                                                                                        MD5

                                                                                                                                                                        779fb9cdf15b480ae9d596d08d909dcf

                                                                                                                                                                        SHA1

                                                                                                                                                                        ff6a6c9da69288470520ac915f4023bb2c8ce47a

                                                                                                                                                                        SHA256

                                                                                                                                                                        94221cccd97fa638baa5ee39196d0a3fa1f1955d5c26d6d8fc0b1b68eb727951

                                                                                                                                                                        SHA512

                                                                                                                                                                        e0dbc7b38fd3f6be96fb3e7a5cb803f41378284691ba5c907dc485a3bcf587005c513e21dd543daa917edbeec061b61661a3e352bb179b6a98bae3bbec129fb8

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                        Filesize

                                                                                                                                                                        14KB

                                                                                                                                                                        MD5

                                                                                                                                                                        7cb068ddd306938789f46a43b769f32f

                                                                                                                                                                        SHA1

                                                                                                                                                                        865baf0dc9ddff282d4244155c2f2d3207ce702f

                                                                                                                                                                        SHA256

                                                                                                                                                                        8c468fb38f91e7195853718bcb9a86b460538e3d20901b38c96411429ba3506e

                                                                                                                                                                        SHA512

                                                                                                                                                                        2f216e00a20fb95ad91bab864cb650bf947d9f891bcd08998f5bd9a9d8703b361a3d49e1a60c8682f19a49e155a8b1397916a639609eaf33a5fbc5358ef742fb

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                        Filesize

                                                                                                                                                                        14KB

                                                                                                                                                                        MD5

                                                                                                                                                                        0fa8dd44a12d8ee0cc5a2a82d8b2ba8c

                                                                                                                                                                        SHA1

                                                                                                                                                                        25dbaf8feb7541f2c0390e395b94aaf02f17c880

                                                                                                                                                                        SHA256

                                                                                                                                                                        84f121b7cb2cf7323dc92d92f8989302234d8e7c16005423fd8cc3d0664c17ac

                                                                                                                                                                        SHA512

                                                                                                                                                                        94fea9e58b2366c9ad208b54e81e7ebab960b7cca087b074a6e0c6830fe91fcee7896048b2db676747c1323a44f0048e2830cc5ca35eb3e56f6f9a7776da6448

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\23426d47-3191-4ae9-8af2-664bd7f65754\index-dir\the-real-index

                                                                                                                                                                        Filesize

                                                                                                                                                                        72B

                                                                                                                                                                        MD5

                                                                                                                                                                        5599503412e46e0a3fbca6f062dde962

                                                                                                                                                                        SHA1

                                                                                                                                                                        1f69c5573be03dc2e8c8560a552c212232e9ee0c

                                                                                                                                                                        SHA256

                                                                                                                                                                        bb3768f3546b4f3ec2e667926e26281d3a28912a329c4304116d27c236c54941

                                                                                                                                                                        SHA512

                                                                                                                                                                        bd0c4f2eb902db63fa3e1cb45d9b054ffb691d1070976c64c9c2b87a2d55045d72fdc2deae90798655e66acea30f0208260973d395b0fbd5bac0c284510e967f

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\23426d47-3191-4ae9-8af2-664bd7f65754\index-dir\the-real-index~RFe59c28b.TMP

                                                                                                                                                                        Filesize

                                                                                                                                                                        48B

                                                                                                                                                                        MD5

                                                                                                                                                                        21cb7c7479e532627d657d420ad89d90

                                                                                                                                                                        SHA1

                                                                                                                                                                        7ac12c92b8ee546d9439b208505a69e131dbd4bf

                                                                                                                                                                        SHA256

                                                                                                                                                                        92e7a86a3c4a00751e1198a417a7b854f8977824208179d8427d329976e2bbfa

                                                                                                                                                                        SHA512

                                                                                                                                                                        cda58fbd8b8a0209331d71824c76f269f9f3c4ea546c66e816393aa6d8f80593a42d5910dc7922fe430a5f642950de2a3b3892965b150e1a88444684e28229f9

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\9709d2de-cc1c-439a-a72c-2be6f6c3a411\index-dir\the-real-index

                                                                                                                                                                        Filesize

                                                                                                                                                                        3KB

                                                                                                                                                                        MD5

                                                                                                                                                                        ab41911c948e74f03e983b9c1be55e71

                                                                                                                                                                        SHA1

                                                                                                                                                                        fa2b7f68a5a097be2b15785d17a79857edfe3ffe

                                                                                                                                                                        SHA256

                                                                                                                                                                        2e08ae134e6d915a5a5628d0115c32b48a715055dcb369ff48b9016a55e19dbd

                                                                                                                                                                        SHA512

                                                                                                                                                                        d611381745c273e551e9bdc9ac1c4eb64e895fbfba9690271c8179eb2efe4428b4635f08e4d6736227d27f087e8543509da38e22f75494ce59d66ef37f90bbe2

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\9709d2de-cc1c-439a-a72c-2be6f6c3a411\index-dir\the-real-index~RFe59c143.TMP

                                                                                                                                                                        Filesize

                                                                                                                                                                        48B

                                                                                                                                                                        MD5

                                                                                                                                                                        1ecb4001a14213efd68a687f704d8867

                                                                                                                                                                        SHA1

                                                                                                                                                                        2b93448f87153f05bef683bbe4ce80c05e22eb1e

                                                                                                                                                                        SHA256

                                                                                                                                                                        abe1433b9e80e88c6d475ee899bc1e7dfc3c8253e5c344c4dfe513ccb21ca719

                                                                                                                                                                        SHA512

                                                                                                                                                                        afaef0d83963018a628b0b734316dbfcc7118af0f59f2ab18cb1186ae7b27ac65dd4d31e71e603cd49444539f3b4117250dff276a18724cafb13e630ad724878

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\c59916c2-e66e-4433-9e26-865f93914949\925a02cd30dd2ad1_0

                                                                                                                                                                        Filesize

                                                                                                                                                                        86KB

                                                                                                                                                                        MD5

                                                                                                                                                                        1f3e485774958d9f8a86c079f15f0b93

                                                                                                                                                                        SHA1

                                                                                                                                                                        eb9da771d31fc1dfdd8ac549f24ad6d5e4aefa70

                                                                                                                                                                        SHA256

                                                                                                                                                                        b72c2b800e51fd5c2fb302c1688bc470bfc81b7be3a4a277bdf659a382dd6650

                                                                                                                                                                        SHA512

                                                                                                                                                                        948bfca63346c1759b29de7383d3c8e9568a6fbb5829af7fe02c57909cd0eb87843e9458377a85d697acc895860e018a7d960a47fc51ff3aa0d742a9de4efb50

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\c59916c2-e66e-4433-9e26-865f93914949\index-dir\the-real-index

                                                                                                                                                                        Filesize

                                                                                                                                                                        72B

                                                                                                                                                                        MD5

                                                                                                                                                                        bfa6e0cfc0b4791af149fa126fb273aa

                                                                                                                                                                        SHA1

                                                                                                                                                                        38a0f66cec35691d643727a7b22e741ddc527e44

                                                                                                                                                                        SHA256

                                                                                                                                                                        8946c9001fa5fc6d350929af2405ad0ee355f46737416fa7a2ba992a54a07ddc

                                                                                                                                                                        SHA512

                                                                                                                                                                        976fbbc951c296efd38950cf34529ff536f20d32a4ec233273ff1e9133fb12623c1da389c44f4f642437fbb3c361a2d7bd1d4b0e549e40faeea5af5f44470779

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\c59916c2-e66e-4433-9e26-865f93914949\index-dir\the-real-index~RFe59c24c.TMP

                                                                                                                                                                        Filesize

                                                                                                                                                                        48B

                                                                                                                                                                        MD5

                                                                                                                                                                        dfe56fdca1dcf4a03fb17c09617c2802

                                                                                                                                                                        SHA1

                                                                                                                                                                        7f77d87bed2880047113f6c425a38ce3b08b54ac

                                                                                                                                                                        SHA256

                                                                                                                                                                        0e35f968e5987ec07e99b1e9ce6abefa21c29d70679f6ce46b41fb9c6b320ba5

                                                                                                                                                                        SHA512

                                                                                                                                                                        ae81ffd91412947188f58b95ad2839dc1f8fa9734d6b4d0ef56bd716daed20630806c47edb2520d6a7c24ac3818154c82b981654f730f40b2b4ca0fb0a5b6303

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt

                                                                                                                                                                        Filesize

                                                                                                                                                                        86B

                                                                                                                                                                        MD5

                                                                                                                                                                        fa9bd7a63864aac8ce4928da0933a884

                                                                                                                                                                        SHA1

                                                                                                                                                                        fa5181dc304630aa26f22d72ead5f5894ecebf0c

                                                                                                                                                                        SHA256

                                                                                                                                                                        bf874cef44620ff9d9e0d5dd871599e90ccd97eaef5376af172bad5a0a102b59

                                                                                                                                                                        SHA512

                                                                                                                                                                        ee4acc789cada7bd57d92b41f645da885927f3a77fdb1804ccdcbc8bd990d37472836bdba23352e3a48995af4298cb5fc5791e6b04518ca990b401be72c03c71

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt

                                                                                                                                                                        Filesize

                                                                                                                                                                        176B

                                                                                                                                                                        MD5

                                                                                                                                                                        f5a169486d7b4a4136dba72a689917e1

                                                                                                                                                                        SHA1

                                                                                                                                                                        2bef09a9f642719d0a8dbdf5031433ec73f9e8b2

                                                                                                                                                                        SHA256

                                                                                                                                                                        b1eef7e8ec1bac87a11c25d5917633101fd1bd7dc0b7d85b65fadc1342c70086

                                                                                                                                                                        SHA512

                                                                                                                                                                        b81eca8cc50d5abefe6e424ed9a15ade5c9f83504f88e0f424ad1efb1b79d6a579f51ac5ce2b06f89c22d1eeb8eda38f4b0e6b2e0de827600ea38355bc2a5236

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt

                                                                                                                                                                        Filesize

                                                                                                                                                                        236B

                                                                                                                                                                        MD5

                                                                                                                                                                        2b70b2ec112b05b1bfec4b4f7ca5ad5a

                                                                                                                                                                        SHA1

                                                                                                                                                                        0e341116d2d9d8d2fe8814bbd41c7ddd03c4b44c

                                                                                                                                                                        SHA256

                                                                                                                                                                        ff69cde2d39bc4a02017d8429b32e9c3e072a1e6634aafcc3e63b4d64ac8eb1a

                                                                                                                                                                        SHA512

                                                                                                                                                                        0af69f7bb95ed1f0789c15d1710b29edf5893386b1f47d2b0f9cae9b4cb867dd1624acd47d3bb4ff9897da6c8ce7c6f092bced42d9582e0f5dfe1de7f95f5655

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt

                                                                                                                                                                        Filesize

                                                                                                                                                                        230B

                                                                                                                                                                        MD5

                                                                                                                                                                        4f37b6884264ac6370e3cf600978d929

                                                                                                                                                                        SHA1

                                                                                                                                                                        1412a6cca56ab5c2cac4eb6d7a099f20456a8321

                                                                                                                                                                        SHA256

                                                                                                                                                                        7e4d2188240da6b47dac4beb1713406dc4b7a89e9af6b2427e590e0ea4e5abb1

                                                                                                                                                                        SHA512

                                                                                                                                                                        987eb62b6bbb94436cf8883ae9b0e12683a882ffa5565da04d797775850857ae79b5a066bf31e632ec15d882c91d78568f092f30122c86f31444481193fac470

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                                                                                                                        Filesize

                                                                                                                                                                        120B

                                                                                                                                                                        MD5

                                                                                                                                                                        6f61780f86cb1c9bb91cb3160f86424c

                                                                                                                                                                        SHA1

                                                                                                                                                                        cf5353f91c755146d50f36acbfe4e28f8bf6481c

                                                                                                                                                                        SHA256

                                                                                                                                                                        90071016e1cfb90e3dc27995d6d4102b1dabbd3556f40d926f83fe61bcd56e6a

                                                                                                                                                                        SHA512

                                                                                                                                                                        7addac76533216ba188d86e287fab9ec44b596552b44cbb7ca3f12df9aa3eab8b608ebe0f94fb4d65fd46e0acd0b4763e788eacb38398af631a3cd8892b0612d

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59356e.TMP

                                                                                                                                                                        Filesize

                                                                                                                                                                        48B

                                                                                                                                                                        MD5

                                                                                                                                                                        5912b6b7d1d7f7428ac22902030258c9

                                                                                                                                                                        SHA1

                                                                                                                                                                        fa7992d463712a31384df0007372840aaa90bb35

                                                                                                                                                                        SHA256

                                                                                                                                                                        a81059cc45b2615d876f2f5b66d75862720f38bcbf5af99302a8d3150fc9e308

                                                                                                                                                                        SHA512

                                                                                                                                                                        01a91e8a6b84ec5fec1f4d1494d368130cb4feff9ed0ce3714b701dae7452e73765a0a41cd9323e93a2eaee1234b53d894e4c0f4f991425bbe7f948cde295711

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                                        Filesize

                                                                                                                                                                        3KB

                                                                                                                                                                        MD5

                                                                                                                                                                        fa9c8af987a1a6bd9f9e6ee215aaaae3

                                                                                                                                                                        SHA1

                                                                                                                                                                        1d8036ecf47b3558b38d21ca1d258f2fedc11947

                                                                                                                                                                        SHA256

                                                                                                                                                                        60d3fd19ef381e4a71c2071cd6dd0e6c462da816cfd4c40c005b79ef9f31e565

                                                                                                                                                                        SHA512

                                                                                                                                                                        5c7db5bf7b0ccb9b2d3ecbd4ae43e77cd64fcf9bda5012b29966d10e389079c3e7c29892153a386e032aab85ca33adccdc4a0f775bd5109c75262f8603c4a460

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                                        Filesize

                                                                                                                                                                        3KB

                                                                                                                                                                        MD5

                                                                                                                                                                        48553ddc87939894914af29b7cac55da

                                                                                                                                                                        SHA1

                                                                                                                                                                        9e3c12432a4d7c417bb01cc92f880530c4d01268

                                                                                                                                                                        SHA256

                                                                                                                                                                        38df4cae36969f62d284dcf2c474d4bbdbf38a3db22af2ea4c7a2454d9fffd44

                                                                                                                                                                        SHA512

                                                                                                                                                                        eb28a415ab996ec1067a90844576e88c610a43ae02681479100b8b8eedd8685397fdca8ae15eb3855dab56b8178afd67c318a1bfb61d3ba8df83cb40a4c580da

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                                        Filesize

                                                                                                                                                                        4KB

                                                                                                                                                                        MD5

                                                                                                                                                                        eaa4b378ee0743e1a43fb1208fb54d2e

                                                                                                                                                                        SHA1

                                                                                                                                                                        4513046339f0dc15a413aed3162502d6827f193e

                                                                                                                                                                        SHA256

                                                                                                                                                                        6955797bc715dd1c37e09a013ed047d42b37319d3db71fae878ed27f896fea5a

                                                                                                                                                                        SHA512

                                                                                                                                                                        724af392c8bd7c9b8d19feb0a3ede1081e6dbf8a6e326fafa56005fc76aee6399f8e396cc1e0d4ee7c261c293d25325c71a522c2f53e2d5a625670924019b6e0

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                                        Filesize

                                                                                                                                                                        2KB

                                                                                                                                                                        MD5

                                                                                                                                                                        dfa965dde85d88bbc2b4a7051a65e5d2

                                                                                                                                                                        SHA1

                                                                                                                                                                        48315abedd3caa46dcd3718b9badfa731b65a7fd

                                                                                                                                                                        SHA256

                                                                                                                                                                        9e2501e84abd15a198bd57fdbc8d780b0a6c262a9a99a14e1d67ed93b7faff8c

                                                                                                                                                                        SHA512

                                                                                                                                                                        9428287a00e8545a03465e4a91b4b66cb48580c460a608fb62c7cd34d75a1aa4aff8adea47b121464bbd3543d24a5f0816b3231df77f8b6a329e6d8ef4bb4879

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                                        Filesize

                                                                                                                                                                        3KB

                                                                                                                                                                        MD5

                                                                                                                                                                        92b1b2f005a60825c99af82e2dc74125

                                                                                                                                                                        SHA1

                                                                                                                                                                        d902834f818c38ed8b0d678423e714c914389f56

                                                                                                                                                                        SHA256

                                                                                                                                                                        ee3f97c187de4d848b09e6a9dc8ec986683009d9cea5e47518026d59ef716b91

                                                                                                                                                                        SHA512

                                                                                                                                                                        ac740ca0c65733d0d6bec70df688ef20f6f779f1ca0104f75521ceb1c8c8c987fcc04e4467989043f7d565f5ebaf168573bbe7ba8bd7882cb22099e1a05b51a7

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580059.TMP

                                                                                                                                                                        Filesize

                                                                                                                                                                        1KB

                                                                                                                                                                        MD5

                                                                                                                                                                        264370554fd25b736adf5d6042620863

                                                                                                                                                                        SHA1

                                                                                                                                                                        9049ccafe6ed289fa4511c34e43eb51b72f5d75d

                                                                                                                                                                        SHA256

                                                                                                                                                                        0645b5062633bc0823055bfb353aaa3c33e7d81617ea55c034a0ed34ff06b615

                                                                                                                                                                        SHA512

                                                                                                                                                                        900e754c6de84c8e667ffa4deaefe59b90c9103e03b0264d6ef318761cbbf12c5499f1e7f2f324d76d37513153f7086d24cc1201cda51de1eafa6a9d0fcc06a0

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                                                                                                                        Filesize

                                                                                                                                                                        16B

                                                                                                                                                                        MD5

                                                                                                                                                                        46295cac801e5d4857d09837238a6394

                                                                                                                                                                        SHA1

                                                                                                                                                                        44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                                                                        SHA256

                                                                                                                                                                        0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                                                                        SHA512

                                                                                                                                                                        8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                                                                                                                        Filesize

                                                                                                                                                                        16B

                                                                                                                                                                        MD5

                                                                                                                                                                        206702161f94c5cd39fadd03f4014d98

                                                                                                                                                                        SHA1

                                                                                                                                                                        bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                                                                                                                                                        SHA256

                                                                                                                                                                        1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                                                                                                                                                        SHA512

                                                                                                                                                                        0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                                                        Filesize

                                                                                                                                                                        10KB

                                                                                                                                                                        MD5

                                                                                                                                                                        cc02a47a2de84e6ea463fed549fe4560

                                                                                                                                                                        SHA1

                                                                                                                                                                        e290be7feeb1e93b23fe26239e3adff0d850f898

                                                                                                                                                                        SHA256

                                                                                                                                                                        fa8d19baa2c7e09be818f0b7498cfd2526f3d47610421d1524040cbb5e89c299

                                                                                                                                                                        SHA512

                                                                                                                                                                        5eb10918656a1c72653b7d1e546a7317c9de395d22ed44aaaadc4b89ecff4f758bdac6f1eaf70c1363065d1a595a94de9508fad07b86eaab5207e19550d23d1e

                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                                                        Filesize

                                                                                                                                                                        11KB

                                                                                                                                                                        MD5

                                                                                                                                                                        a3a9af5d1ae649797fd8bf7e9b7f56a8

                                                                                                                                                                        SHA1

                                                                                                                                                                        b53c657f986f567f0bb98d8b41e1609b898afbe4

                                                                                                                                                                        SHA256

                                                                                                                                                                        814586e49da63a42d6744e2895088a938ec870d16e67a1a78c4056c00ecdcfbb

                                                                                                                                                                        SHA512

                                                                                                                                                                        c88ea7d5d3e35bea2507d2d37638be3951882c5f85d546d97b968356f57557c2df1179501fa6497da15b4664a96633f5ea65281a6365ff874396d0ca2fee9823

                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

                                                                                                                                                                        Filesize

                                                                                                                                                                        2B

                                                                                                                                                                        MD5

                                                                                                                                                                        f3b25701fe362ec84616a93a45ce9998

                                                                                                                                                                        SHA1

                                                                                                                                                                        d62636d8caec13f04e28442a0a6fa1afeb024bbb

                                                                                                                                                                        SHA256

                                                                                                                                                                        b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

                                                                                                                                                                        SHA512

                                                                                                                                                                        98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

                                                                                                                                                                        Filesize

                                                                                                                                                                        10KB

                                                                                                                                                                        MD5

                                                                                                                                                                        0752f34df39df638a1c1a3f75b3e004a

                                                                                                                                                                        SHA1

                                                                                                                                                                        dec2f6f53b0af11b007e85d39c3ca2b4e4162ad6

                                                                                                                                                                        SHA256

                                                                                                                                                                        95f86f1940cc570ab94bbf3c560a447cbe2732d470f7bff8494cbc298e240aa6

                                                                                                                                                                        SHA512

                                                                                                                                                                        1453b88f5c849687b9b5ad63f3514f2c7411117b98bfd9a787a4c5316d254452fdefe12b7d8bd536b017beff0d7d94bea2cb8e28d475138a529492d757dc7415

                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

                                                                                                                                                                        Filesize

                                                                                                                                                                        10KB

                                                                                                                                                                        MD5

                                                                                                                                                                        d8a1626fdf510b9b3df7eb213efdc699

                                                                                                                                                                        SHA1

                                                                                                                                                                        4d5265c44710a9d33527eae87a32ba6ba02a430c

                                                                                                                                                                        SHA256

                                                                                                                                                                        78edae117f859693afa7107b4c6ffe5c8c91e8853be32d092ef0152f919784ca

                                                                                                                                                                        SHA512

                                                                                                                                                                        8c785660b6a278a57544b59c1107e691780d79178fea88e03b168663400a558c7a1c36f0d27e3edae5785346acc5eb37396347f4ddc41f5a7958385a4ba9c307

                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

                                                                                                                                                                        Filesize

                                                                                                                                                                        10KB

                                                                                                                                                                        MD5

                                                                                                                                                                        4bf5ddc959c3b33f69a83a9baca50caf

                                                                                                                                                                        SHA1

                                                                                                                                                                        ce467964310620f1a40c4ae961c422803461196e

                                                                                                                                                                        SHA256

                                                                                                                                                                        201c5706c154ae28536f4255b34ba66b571f05a5abe03c3ef6e3ad7b0f6826d3

                                                                                                                                                                        SHA512

                                                                                                                                                                        f9e2aff02c1d9f6d04a034ee46ff3d1f033d0524e2b1130431d2b0710239006c41aa58e21376c8937d38d5ba9c6315ad936d4ca6eadc60513176353983d81451

                                                                                                                                                                      • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

                                                                                                                                                                        Filesize

                                                                                                                                                                        10KB

                                                                                                                                                                        MD5

                                                                                                                                                                        9d6cdfc024ffbcfa6ff7abc9a8e11f5c

                                                                                                                                                                        SHA1

                                                                                                                                                                        a636759156db9f04fecce6a1777041bf504b96c2

                                                                                                                                                                        SHA256

                                                                                                                                                                        ea2c4c46cea1cfdcea43f6bf51e8a2c5e4afb4bb83d5178414bc43fed6796384

                                                                                                                                                                        SHA512

                                                                                                                                                                        3858afe3cdb94606d4aad8bc72fc74ea3145f36e08da4aba944ac31d79333c44095018413022ec2d183e38667ea7e871042f6d71506e118acd402675a6553f5a