Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

run.bat

windows10-1703-x64

7

run.bat

windows10-2004-x64

3

Analysis

  • max time kernel
    1800s
  • max time network
    1801s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    02/09/2024, 21:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    run.bat

  • Size

    2KB

  • MD5

    4d7febe5cc4f5286d71273824a7863d6

  • SHA1

    e5533543793955095b85766dd08279d31e534c59

  • SHA256

    9c47b152ff787bed329b58f68ba7c5d597d521ff11936e01d8cc0dbdc5534bd4

  • SHA512

    ac94632e99a64ef8a1c99c22c44433ff270e65b8e66a8ac4207c9949a4fd69b0ca04f290e06329538ac18427f52084c8b4497a1dfdbd418daef961a237907e68

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Drops file in Windows directory 64 IoCs
  • Modifies Internet Explorer settings 1 TTPs 2 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Suspicious behavior: MapViewOfSection 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\run.bat"
    1⤵
    • Checks computer location settings
    PID:3836
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3988
  • C:\Windows\system32\browser_broker.exe
    C:\Windows\system32\browser_broker.exe -Embedding
    1⤵
    • Modifies Internet Explorer settings
    PID:4772
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Suspicious behavior: MapViewOfSection
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1032
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:3032
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:4448
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:5040
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:4932
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:3248
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:1940
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:2940
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:3612
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:4372
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:5140
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:5272
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:5436
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:5532
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:5624
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:5756
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:5892
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:6060
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:5324
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:6264
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:6392
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:6552
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:6720
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:6828
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:6972
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:7148
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:7204
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:7300
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:7416
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:7540
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:7692
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:7836
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:7936
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:8080
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:8072
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:8296
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:8432
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:8608
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:8724
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:8908
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:9020
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:9152
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:9236
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:9340
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:9436
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:9560
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:9696
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:9880
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:9984
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:10096
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:10248
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:10328
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:10416
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:10568
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:10712
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:10840
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:11000
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:11108
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:11232
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:11304
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:11456
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    PID:11548
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:11672
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Modifies registry class
    PID:1832

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\V28C7N3J\edgecompatviewlist[1].xml
    Filesize

    74KB

    MD5

    d4fc49dc14f63895d997fa4940f24378

    SHA1

    3efb1437a7c5e46034147cbbc8db017c69d02c31

    SHA256

    853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

    SHA512

    cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\T0BANRQ9\api[1].js
    Filesize

    44KB

    MD5

    f8e18e23484e55c313a4a8f8615359ca

    SHA1

    cfe4d85935005c68ff04b58e236bced0b0a41d7b

    SHA256

    3f0166bde3365c67aeeb6adfb6de569399ba9941a39ee0ee6c4dc086494daf99

    SHA512

    cfcaf01d483d6b6cfe9e165d1ca87cb720823087e20e5351c032ae7142e4a599384ab8d034949255ada8d46fe6f3f66f13e4612a060b7ee036f1121111738f9e

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\T0BANRQ9\favicon[3].ico
    Filesize

    1KB

    MD5

    0b6dcf9c1429088c7f079d7cc291bb66

    SHA1

    d23f9a17c55011a829c1365bcba999b27c4115f4

    SHA256

    4b0358b16230208179720a09d205b99a3e9764e63815b09e9f1716a02fccadcb

    SHA512

    50b3d19252cf4601c93108639c0c82cd578c1869aeedbb327a7f917c7c9142ebe893347c9a065ad8dbd61b0edcb160b5169b7272c2f3a3f807649b007461ab74

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\8B2B9A00839EED1DFDCCC3BFC2F5DF12
    Filesize

    1KB

    MD5

    7fb5fa1534dcf77f2125b2403b30a0ee

    SHA1

    365d96812a69ac0a4611ea4b70a3f306576cc3ea

    SHA256

    33a39e9ec2133230533a686ec43760026e014a3828c703707acbc150fe40fd6f

    SHA512

    a9279fd60505a1bfeef6fb07834cad0fd5be02fd405573fc1a5f59b991e9f88f5e81c32fe910f69bdc6585e71f02559895149eaf49c25b8ff955459fd60c0d2e

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\B46811C17859FFB409CF0E904A4AA8F8
    Filesize

    436B

    MD5

    971c514f84bba0785f80aa1c23edfd79

    SHA1

    732acea710a87530c6b08ecdf32a110d254a54c8

    SHA256

    f157ed17fcaf8837fa82f8b69973848c9b10a02636848f995698212a08f31895

    SHA512

    43dc1425d80e170c645a3e3bb56da8c3acd31bd637329e9e37094ac346ac85434df4edcdbefc05ae00aea33a80a88e2af695997a495611217fe6706075a63c58

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    8d8fd791d3c93272021f101df927ab9a

    SHA1

    3186db62967a73f9fd7c625749beeb900923f5e2

    SHA256

    72fd5645bcb0a623660314d5ff1adbf1b196c7328aa159de08faaef7cd7d8e23

    SHA512

    d6daded0cd61eb8f3b0c8e0c5cfbfebda4f44a6edf89d9cde276b09a5b5b7c4f2b7e13efe0a4d58b99e4670d00796e017d5f358cd85e7d85c6b8a73169fc21c4

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    293f9a9bf1d1db06e2806b8e6097e924

    SHA1

    8230b1acba09e8e414b14ad8a6e6a5b77f43d999

    SHA256

    e786355e7d6ed5125f5fae148577b204573bf7bed18855763fefb20358f41970

    SHA512

    01aef744cc6ab30ab98dd0eaa16aef27ce3a345d21c7eba99f7f11c6a3ce161364a5f32de5b4c277ef33fbf13a11b5316de323670225f97dfc8a473181cfd3fd

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\8B2B9A00839EED1DFDCCC3BFC2F5DF12
    Filesize

    174B

    MD5

    56163f5eee2a753f2f7d7bd7aa4d85a7

    SHA1

    e0d339593750083a3cf25d9d962dc89115df7210

    SHA256

    e5dc29e8ad8143089517e6d74006de83e244497b9b9e49e9b17cc47fa95d1a24

    SHA512

    da9c31217d3cbfbebf2ed44d7c017a59acb11ecfed3e520cbd33c2e75d57511d8e3a0142e2cf7690cdf8c509f8c8837c3c69932b3986c786801fae044e9c132a

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\8B2B9A00839EED1DFDCCC3BFC2F5DF12
    Filesize

    174B

    MD5

    26fcabb2160cedee6afd086d0fcbf377

    SHA1

    f0551bb7eedc01c6285c4982a073e50136a82b27

    SHA256

    0b3b7ac5cb5431541a4c996f25802457272aededf80d10ae23a38ce626288144

    SHA512

    8b5e29074ab36426f4ff848296ffab462c5314dca9e3311d441a64ebada4f620a48acfb202790c3ab88317c6346771e88028d4a11e684e519cf41dedce1b281f

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\8B2B9A00839EED1DFDCCC3BFC2F5DF12
    Filesize

    174B

    MD5

    d6d8946bdb99ca630100944a981a3c8d

    SHA1

    e0247d165b51ff8b3f0a466cd4b9364fe9b6e53d

    SHA256

    6c7794a54079835f5a1ff1451fdae61bc5e24c80f96ae7e69d88ef9794e2018b

    SHA512

    5d129b652a66381f86e1ce63b9de0e37234d4675a712165d2fb92af508734e23b62d722d93108409a68db73ce6557eb407ac7c1b05241224e5feb460113f287d

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\8B2B9A00839EED1DFDCCC3BFC2F5DF12
    Filesize

    174B

    MD5

    b89537fea4c91129b3ae42f894cfd52a

    SHA1

    bba91c21b615bbdfe266c043b7c86dc1036f01ad

    SHA256

    270bca67b8a98654cf47e7c9f7066d20d91b46985e4dee53f7af975dae002ce1

    SHA512

    eb498fe954c66363bff397289c940b08ba2297a77c661c127e8f96e677537f74574f818bfc71d0360d43d66b45a8e3c08ec794a79c9959874b6f64375078d6e6

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B46811C17859FFB409CF0E904A4AA8F8
    Filesize

    170B

    MD5

    acf42e0b78426be6da7b43a0f95bcfcb

    SHA1

    f3449b51cc3d2d7fd1c80fa5dd3922a8cecbad0d

    SHA256

    912b23c56166710d2f7e121093da4772db2e5a1f65b9d4c7c0ae42710240c559

    SHA512

    e67ac42f479bfaa14dfc0a329825397330aaa18d03c3be3d556a85d7e99dde5de8f77b2eaac27f511fa658373e405ff6e91cbffe79c117bf615e437400521bee

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B46811C17859FFB409CF0E904A4AA8F8
    Filesize

    170B

    MD5

    fa2ae27176f483dcd9cba751e240d050

    SHA1

    222b937edf686aa19d07c6d126827416228246e7

    SHA256

    70a7f7863cd8c26465fc3433f069a0b097e34ff61a232b3b31000c9fdfb5d644

    SHA512

    038d2d5d250dbda316ea4a2b60b61b473df667823334c20d3018ad36bf458c45b20532016f7290acfcfa3949e8c67784245f33b9f8b08c6303d6f9537aed8945

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\CJAP022W\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    4KB

    MD5

    1bfe591a4fe3d91b03cdf26eaacd8f89

    SHA1

    719c37c320f518ac168c86723724891950911cea

    SHA256

    9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8

    SHA512

    02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    56b104d18df0e726a87ceedc545b62dc

    SHA1

    10b79d2c25382400cd56d9d521b758074fd50a28

    SHA256

    50a5904f68ba1da489e089ae239c20d774fbb3b485cd7a3a83a2f806cccbf9a4

    SHA512

    b0b95b8375ed2eeefdde58779778e13973c0f43063cc3bb6b885e5237b072b53d4439900598e229e9094dea2cc541d247b671dec5b1a1e1be9321da73479cf85

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    2facdcb14073a06a319be5f151e5d5f0

    SHA1

    45db2b72ba788d5deb77c8546bd997dceeef13cd

    SHA256

    bcb86b9f045d9082466eaff01c026fafcc8881765c3e0cf0b7c239b9d2a1827b

    SHA512

    a5b71ef370f3f60a0b7c360732311b3d99d3cc81533091c943e5a7fe4ff9beb95926df1933e2281e70ad35fbb41820aecdeb8e8bd10453acaae50e7d84085bb2

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    4cdd9886e71272b5f5b138c99049ca24

    SHA1

    1d86357a984e8cf678de6a3de0ce4e2740604ec5

    SHA256

    a1faca9f399727df2e048af800eb466c2898bf0945db93fc1518bf98ce8de0b2

    SHA512

    69a394fe73ec68711f4d28e9a5d927d5d914ddc1eef0b139e9298c7bba9e976229da2857ebd70b97a783c849a91b3bbc8e033393d775f7f765d2cb6f1d88a874

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    f6d1e9c9dbeca4638c865d7762071f4d

    SHA1

    781e6d549ae6eac3d0534920753f5964ae4b39a5

    SHA256

    73192479a0ab27d51e2acdc287ea0f9d71666687222a39463ac745248edd8118

    SHA512

    3b1a7c1e9ebf371e449e3b0d91afea88c5e712f839e19a1d88754dedc930a86baaad82f6e86ec1260d9288f12b0ed36f7a9c05f5091c70122196f80e91c4e789

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    c19987c93aeaede2507b89e6a00be6a3

    SHA1

    d80769eb679057c9610d2a7214da69c2d785ecd0

    SHA256

    66f883a7099b323f00b8ba882afd6a7aee93813435c20d192f5ddadda4994110

    SHA512

    4f8ca8bc64eab2f4acbc423afc1736c316fa600c34b8c6bf2e768fbb8c8cfd2b4507d45ac7bd09842827d8065b1f02de00a4f6d65b0e03bb00609a9b5701700e

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    ca5041945eba74b5f8b38cb3591eb5ee

    SHA1

    68d85758c34850608367ae42b78bea942f4fcfd1

    SHA256

    a6565211082f5855eaba0930644e1f85525b1cf44356b1085ee7a846dcd15b47

    SHA512

    7ef3a1579e5957a7f3522c132c237b59955f3e4ce5430164c0da25d878577f75f213c79b0c5271f9fac5bd366ab1a84ea8b741245b2bd72838ee1add84e8e90a

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    c9d8cd6bb9e73db44af0d4a96da45e7c

    SHA1

    84af241de65bb2b8c034bb871cf13e95e7b7adb1

    SHA256

    5c36ed0c49e0af10f9f66a522e644a2a800744f1eda7c915b317806105cdf5e5

    SHA512

    e2fc061ed203f12839fc81a6bf3a0120eff145a0dd3ba3b00f6a32a657f4069fed2c6006f7e0ef3af9aa1b74c205d1a25c9fc98ae0502d7876113bb5a5f8be00

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    0254450532f773b78ad13f9726caa094

    SHA1

    59039fe8d0462ad847f8e17f795f4900cf104347

    SHA256

    a015208a6d119c7a48ab9c62b20ac71c379af4c3dadbc54f0748029589089193

    SHA512

    81f290d1432d9a753c50cc1fe98da4fbc2441e2b81d1886841a9ad9abcfacb627d3941715b47506694cba1589262e64bad5b1d0bae11cc6d86aeaa01a1b79c41

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    64de5d7be96ddeca9f8f957b5875ce0d

    SHA1

    4906f786909e6ed08be6f92b645b8fc82d774976

    SHA256

    d514e5a45d733af99aac08094407a9fe4029083af474c24324b03eec638d921b

    SHA512

    1887add6bc06620ad6f34e272e2bfa1fc9f01cc094f289c51ed5586afdfa8b5de338f996ac879678ad97be6049b372596185ab86e0c94ac7e56fcb0b35d5c563

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    2a310e00e9dcd15db5d2ebc56fedf917

    SHA1

    51c90152324e2f8a1b364cabbbc3ed2c6d45b823

    SHA256

    4fcd61c0b2dbee79b80a38c86821af61dcaac5419f3aded1472672be6a854098

    SHA512

    adfdcf25332a57f55c8409d0c3f7d247cd50e7eb6c85bcefcd1772f2f1c760b98a0be312b7ba39d08b31ab4c0ff85030bb3e7e7f3d14c41609f8e986ecc77e0f

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    1b68ba55cd4576651030e105706d0bfa

    SHA1

    22f185ad9ce434bd4f76b7db8bc349d14e12e8ae

    SHA256

    437934ca35bfdc8463e6bcf1f9485663ee970ed105318ef0fc02dba88f3cc657

    SHA512

    facaaeeceefafa53e9dfb8be5796e30d1ce50d674d1e8f74ce96d1451bba2373e61445b7943642b2af19a47f311e25bfe1dfd64ed266a4020e9fc702023e8326

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    3f062def935bc8c49d991e820576b526

    SHA1

    573aa7b05ba64d92d8d9a8a836eef311afd1c5de

    SHA256

    4db8b4aff97e5c7242f989288b662d3c3a3ae09dbadb9cc48c06f9d051ffff81

    SHA512

    451b7cc2d19e3d8f2dea23ae23322aac2c0f4906bc28772bc589accf5b8a267e1eefd649535b557ebd7d547b0d24d61643033af8c79cf757d67d7f021f2137ed

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    c23f71d37403fb724c4877ce41eb1b36

    SHA1

    7aaeb6b0c0a9f7449548f3bc1d2043d1ab22a832

    SHA256

    1758262c6da6cfb2f8bb01e8921b825e88223684d35bc014913ec7dfdd07f7e4

    SHA512

    1b48efc6e717f975898a5b427aabb827bc7a429fb34026660e14bfbc8ef251c00b8961c9347c798b5ec70610b12b464643290ebbef4519fd3f2d5b0ee9a3f8d6

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    b1b4982fa82a8d215ac493f441395602

    SHA1

    b92745c08b552560dbbab7b2215f8a0c6f4ccecc

    SHA256

    e84b362a6415f63dac582a9272aa5858425aac11b5d5680259b045fb79b6f21c

    SHA512

    88d3b4f35889f1b3c715029fbccac8601824385dfbdab3830288bae619e126def2ed68c0d26cfafdfb80cc2b5d88be5a0f6388d70565de5f7f0df18043aef95b

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    e4003b024cfa4e037b9832894e7c7119

    SHA1

    77ccdc3d1686e571762b98908a94bd3a45cc13a0

    SHA256

    f0126b2be59da8535640dfaef077c3a239296b5afe354c0a9d046f68e948f9c6

    SHA512

    be50a6d3955f5e6246ef28c2665ab25ff9a6ad6fcbaa1052437d79d8572da06fbeaa0a91913c0e72ff8190315792f75fabc366428f047ca7afc63a6949677bec

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    33023669763bb340c1577dce3b6f8a84

    SHA1

    66ffc85c7f750bcf859b5c68a1eb2f754ce9908d

    SHA256

    fc87bcbfcdfd14adc218a42b609169dee31be2ac4182e48d98b686bd813be014

    SHA512

    e7bc95cfa7093d0dd9882703fe34c4636b53c5333a60866a62f5b5bcf48f6520014379b1e5a21d5b95a8b044d6ed477689327487fa74e52ff4a016bdcebaaa72

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    43d9813b5fc755d572a437b119d8e980

    SHA1

    c8ac39e52b0477e40663fec70465b6212e3142e7

    SHA256

    975de237669da6c68bf0612c5d3b4b83e0998aa4f20ff7cacb3b94cbd9321996

    SHA512

    316b74f938c3c2e7676cc6315588d2b90ffbb638d68b731c9e42ca278899f668ba5d8a1749abaf72403562042aa77ba85750197aaa113b3b35562d2ce3325d23

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    d61de379c4a27f90e1bebca0ab26e9a0

    SHA1

    ce30109d40720172319fe30edf71bafc2de0789f

    SHA256

    17ef5fbaf6a7f4ff2e53ee7d3a17d105dc10e4b95dc7094c6641911c3cf11688

    SHA512

    8ce4d1fb2d6ad8c157961fba8befcce60839c0438031b1853e9fdd33260abb4ea2fd7fbe2980213eb1549fca937e0f9e441cea8255a843b58c65807b768c84ab

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    0da90ea99ee70fbb518345cbc8de9817

    SHA1

    06854f6de226c551254223c368dce6a9eb2c830d

    SHA256

    39c0c406cf1a47ea010a2b025e12edf9bcfeeffd9696fcee554cc3252ca67cec

    SHA512

    1b2f3cb0f712d520280469fe25fcc434c22f86d44ce24b141572a508344cd4670f2287bf9cc273d6c9d60598239cb6986a7e62d86589941ad17bcc1421b94d19

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    d9a11e5332522fc44c10959f1fdc32b7

    SHA1

    029d1454069020aac9c48f9787712868c0b5f60d

    SHA256

    ba7844bf1e0049b2710f206d405e12cf5f9ed51d3857802c540ed8f1dc67d511

    SHA512

    315b19998180fc160c64a27c53212bb9ed88ae43092b533bf9871cc55b0605cd9871c37f85b075d286e38fd36ee46c4b311f4129f04bfe7efcb709117b1a2784

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    064dbd5dc100f1e8eea5bc3c749cc82d

    SHA1

    68940c3474eea23bf24eb2fa3fe7809633ab14b8

    SHA256

    495bf5e4cdbd98169ab162d645b772de1c31f08b8fa05eb09d7b0ae8948bc498

    SHA512

    271c6719067a640d483ad22b5b9313183c663fd5b1223e655d1e4c345bdd216c6991a0049deed6b4d10867f8349b32143acdca6bbbb941bb575df8b6601cc366

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    801a0073c9774d39fa144fbeb3412d54

    SHA1

    35edf0fb54007406aa2b98355b974f62b91b6391

    SHA256

    b5010ae9058e540ac1253ab079a10be80c9e90d65467238330f6ad3470aa6572

    SHA512

    b3d493ab39d0d9d5943080529bc56d89e98b6feea60e7e1e1d6b917d420b5266f40b1eaad496e3ed8f28bcc405b0b38b2d7bbd8d76988346f1dcf0825d289bbc

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    980ef9fff8b2b223b0432a3c328839ea

    SHA1

    c0cdfa25412c8ccb379bf28eb05e2225bca6e7e3

    SHA256

    b3829dfc5abacbe7b448ce5245bcb8b794dea0b751958b8a8e5733b97a121e3c

    SHA512

    373d3553b753353e95999979022f351a5af2724db70f281a0f8873c542cc39288ce08c05ba134ee368462a561f7346bae6f561767aa1c3fd73ac8758cadf3f4a

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    fdc2c30c6ea2f10e4bc00c8e58cb68c2

    SHA1

    6d06f33eb8de59c509cd5754b3947cff8a4c9b54

    SHA256

    9f0443d95807c6e9a451f36555f0e0bd218e296b75b75cb64744904d386e5533

    SHA512

    c936600fe72268a4bd8ff7382e27e6714d6f3486a3e3d0eb7e7b2884198a6ce8e027a1a21240214776a99c6b89eaf1227a4b4a51223ca6aff666b53b18d023e2

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    7137c3a2c037dec13f37e8574fed6414

    SHA1

    706f33d53cf0b73b258c7504e29fbf972dc3ea16

    SHA256

    bfbbe2ef3427ee10b186006c2863804ceee4f17017b318b2899f97fd509a63cb

    SHA512

    620bf869e8a5856136c3cfa1367ea18191073cd1640351a6c242e75252ccdcdc4e193d7e5cc1aa64198661c94c7cc653dff3ab99025222d4a386cf55cef7df6a

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    120c7698deb32a34784c95a12aca7166

    SHA1

    71c48253c77dbb390e4cc78909a3fa03f920015a

    SHA256

    6caa446d4e0eb3072e0a39f5b7aae208504f29efaac109b549da394bceb54c43

    SHA512

    b26f03bdbdcb2f42a6f531ec987fffd43605bc91567eafe1bfd2f09809a641f17224ba2ccc95c3178728b9dab437abffe48db796dba31591f738cdce2de4d542

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    480f977bd980d221d8fd0cc60cb6d73b

    SHA1

    6fe82881fd82d78a1f3993f3f98901d1f4c0324b

    SHA256

    fa3ea0d6835472a79edf637c74b384a02d633a461fd3ad083417c609f923f648

    SHA512

    dedb0a62d0f70ecfbce1aae6186884b2532d3f81b22262706f611de8cdc8e88a69efab225b7a31ddaafc08ecd7cc26888f79d14b94e72a43f1fa40512bc50704

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    338B

    MD5

    8ad5bbd04c96c36cb9f6924a46fd84ce

    SHA1

    336c697c72a340db133c2a5f699b841e40c31f6e

    SHA256

    0a9458f5edcda20695c6ea1974ae035e66931fd304332225b87c5b44ad6e9587

    SHA512

    12ca83f395eb4318527c222bacb5365268b00a2d50d833b459f2b4c3c33f60f4f49c7ec5eb07938a4b287016703b9a792c9bc1b9543e9b811082d1f568e1942f

    Download Submit

  • memory/3032-45-0x000001A35CB00000-0x000001A35CC00000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/3248-677-0x0000029453390000-0x0000029453490000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/3988-0-0x0000028294920000-0x0000028294930000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3988-35-0x0000028293BA0000-0x0000028293BA2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3988-16-0x0000028294A20000-0x0000028294A30000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4932-544-0x0000018476C40000-0x0000018476C60000-memory.dmp

    Filesize

    128KB

    Download

  • memory/4932-541-0x0000018476AE0000-0x0000018476BE0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/6060-689-0x000001BE65530000-0x000001BE65630000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/6264-527-0x00000241BEEC0000-0x00000241BEFC0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/6264-528-0x00000241BF020000-0x00000241BF040000-memory.dmp

    Filesize

    128KB

    Download

  • memory/7692-645-0x000001B9E2460000-0x000001B9E2560000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/9696-648-0x0000020BB42E0000-0x0000020BB43E0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/10248-666-0x0000029202660000-0x0000029202760000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/10416-531-0x0000016D4D930000-0x0000016D4DA30000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/10416-538-0x0000016D4DA90000-0x0000016D4DAB0000-memory.dmp

    Filesize

    128KB

    Download

  • memory/10568-686-0x000001A221A80000-0x000001A221B80000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/10840-656-0x0000026D49C10000-0x0000026D49D10000-memory.dmp

    Filesize

    1024KB

    Download