Overview

overview

6

Static

static

1

URLScan

urlscan

1

http://vxvault.net

windows10-2004-x64

6

Resubmissions

26-09-2024 23:30

240926-3g9myawfra 6

02-09-2024 13:04

240902-qa9cda1apn 10

Analysis

  • max time kernel
    134s
  • max time network
    137s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-09-2024 23:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://vxvault.net

Score
6/10
discovery

Malware Config

Signatures

  • Looks up external IP address via web service 3 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 12 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 44 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://vxvault.net
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1756
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff515b46f8,0x7fff515b4708,0x7fff515b4718
      2⤵
        PID:1264
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2016 /prefetch:2
        2⤵
          PID:4976
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4956
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2932 /prefetch:8
          2⤵
            PID:4788
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
            2⤵
              PID:3004
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
              2⤵
                PID:4736
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4968 /prefetch:8
                2⤵
                  PID:1332
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4968 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:3264
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
                  2⤵
                    PID:1580
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:1
                    2⤵
                      PID:4932
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
                      2⤵
                        PID:4868
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
                        2⤵
                          PID:1920
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3436 /prefetch:1
                          2⤵
                            PID:448
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5848 /prefetch:1
                            2⤵
                              PID:2264
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
                              2⤵
                                PID:3712
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
                                2⤵
                                  PID:5016
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
                                  2⤵
                                    PID:2644
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4148 /prefetch:8
                                    2⤵
                                      PID:964
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5352 /prefetch:8
                                      2⤵
                                      • Modifies registry class
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:3412
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:1
                                      2⤵
                                        PID:4456
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
                                        2⤵
                                          PID:4436
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
                                          2⤵
                                            PID:1800
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6336 /prefetch:1
                                            2⤵
                                              PID:5968
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
                                              2⤵
                                                PID:736
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
                                                2⤵
                                                  PID:5200
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6196 /prefetch:1
                                                  2⤵
                                                    PID:5208
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6800 /prefetch:1
                                                    2⤵
                                                      PID:5216
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6900 /prefetch:1
                                                      2⤵
                                                        PID:5224
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7028 /prefetch:1
                                                        2⤵
                                                          PID:5236
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7164 /prefetch:1
                                                          2⤵
                                                            PID:5244
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7300 /prefetch:1
                                                            2⤵
                                                              PID:5252
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7576 /prefetch:1
                                                              2⤵
                                                                PID:5640
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7580 /prefetch:1
                                                                2⤵
                                                                  PID:5668
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7920 /prefetch:1
                                                                  2⤵
                                                                    PID:1940
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8392 /prefetch:1
                                                                    2⤵
                                                                      PID:2484
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8352 /prefetch:1
                                                                      2⤵
                                                                        PID:5992
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8756 /prefetch:1
                                                                        2⤵
                                                                          PID:4336
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8860 /prefetch:1
                                                                          2⤵
                                                                            PID:6116
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9136 /prefetch:1
                                                                            2⤵
                                                                              PID:6212
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9376 /prefetch:1
                                                                              2⤵
                                                                                PID:6392
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7432 /prefetch:1
                                                                                2⤵
                                                                                  PID:6588
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8480 /prefetch:1
                                                                                  2⤵
                                                                                    PID:6972
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2700 /prefetch:1
                                                                                    2⤵
                                                                                      PID:2448
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6360 /prefetch:1
                                                                                      2⤵
                                                                                        PID:6064
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9592 /prefetch:1
                                                                                        2⤵
                                                                                          PID:3116
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6196 /prefetch:1
                                                                                          2⤵
                                                                                            PID:6200
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
                                                                                            2⤵
                                                                                              PID:4824
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8048 /prefetch:1
                                                                                              2⤵
                                                                                                PID:5752
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9956 /prefetch:1
                                                                                                2⤵
                                                                                                  PID:5644
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9896 /prefetch:1
                                                                                                  2⤵
                                                                                                    PID:5256
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10100 /prefetch:1
                                                                                                    2⤵
                                                                                                      PID:5832
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10104 /prefetch:1
                                                                                                      2⤵
                                                                                                        PID:6516
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2004,16528304824005669215,12500154001548622600,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=9528 /prefetch:2
                                                                                                        2⤵
                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                        PID:2584
                                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                      1⤵
                                                                                                        PID:4752
                                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                        1⤵
                                                                                                          PID:4512

                                                                                                        Network

                                                                                                        MITRE ATT&CK Enterprise v15

                                                                                                        Replay Monitor

                                                                                                        Loading Replay Monitor...

                                                                                                        Downloads

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                          Filesize

                                                                                                          152B

                                                                                                          MD5

                                                                                                          f9664c896e19205022c094d725f820b6

                                                                                                          SHA1

                                                                                                          f8f1baf648df755ba64b412d512446baf88c0184

                                                                                                          SHA256

                                                                                                          7121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e

                                                                                                          SHA512

                                                                                                          3fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                          Filesize

                                                                                                          152B

                                                                                                          MD5

                                                                                                          847d47008dbea51cb1732d54861ba9c9

                                                                                                          SHA1

                                                                                                          f2099242027dccb88d6f05760b57f7c89d926c0d

                                                                                                          SHA256

                                                                                                          10292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1

                                                                                                          SHA512

                                                                                                          bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001
                                                                                                          Filesize

                                                                                                          27KB

                                                                                                          MD5

                                                                                                          76bff3718533223937b36d71d8d7b3db

                                                                                                          SHA1

                                                                                                          d9d717ee8e6ce18e5d88a19f5fc9302c9b264ae4

                                                                                                          SHA256

                                                                                                          d565bed9567bf8a1bbd6375fdd52f234935a6541a004bbe974aebe74a5a9f64f

                                                                                                          SHA512

                                                                                                          e6d7f6ee0066f4bd5aa5375ad01ba69199cc6969b400efe67498d8244fe22edc0b333ee3b04f857847b7298f511c40a41c74bd54dbc76edde4934255e02ca14f

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000066
                                                                                                          Filesize

                                                                                                          213KB

                                                                                                          MD5

                                                                                                          f942900ff0a10f251d338c612c456948

                                                                                                          SHA1

                                                                                                          4a283d3c8f3dc491e43c430d97c3489ee7a3d320

                                                                                                          SHA256

                                                                                                          38b76a54655aff71271a9ad376ac17f20187abd581bf5aced69ccde0fe6e2fd6

                                                                                                          SHA512

                                                                                                          9b393ce73598ed1997d28ceeddb23491a4d986c337984878ebb0ae06019e30ea77448d375d3d6563c774856d6bc98ee3ca0e0ba88ea5769a451a5e814f6ddb41

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                          Filesize

                                                                                                          5KB

                                                                                                          MD5

                                                                                                          8d50376542f1ff4bb28f90e8e9690c7a

                                                                                                          SHA1

                                                                                                          9bbbcb7c2020094e43dcf8f40e0efdc7304bcce9

                                                                                                          SHA256

                                                                                                          2dff3ba4ef9a288731d44ba0849050a3cb465273194638cb52d9b0a0d234ae0c

                                                                                                          SHA512

                                                                                                          e5bc2fcfaa4a13b4a962a08b1240fb06e3b98938b8efb3ea7dfa03dc2ad29ae64bd8cc84a34d07c106179b46ac709a4b605f3223761dd1ba671fde6ba77b315d

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                          Filesize

                                                                                                          3KB

                                                                                                          MD5

                                                                                                          72d1074e720fdec2acf28d3b120e09a8

                                                                                                          SHA1

                                                                                                          049e9548d6a6518e02b375698c8e8894eb53755c

                                                                                                          SHA256

                                                                                                          c68c51c0aa724b55f71040f7348edc0908a13b8080692b9c94c0e82e0d53dfc0

                                                                                                          SHA512

                                                                                                          8322a4787f1967da0b7d782bc7bba54c47638252aabd03ae17b781ef9a39c28b3df9b6c7241e37e265e52d2b59e49759158c2d42a0a53cf8e7f26cba82ad988e

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                          Filesize

                                                                                                          14KB

                                                                                                          MD5

                                                                                                          5922f57a8917e653d8b533c7f3ec183c

                                                                                                          SHA1

                                                                                                          49f7992b8a503ab0aff313d2b9c7b71ddd7d9d6f

                                                                                                          SHA256

                                                                                                          b8aaffa9b9466b81fce931f835e07482628b4be3cdcff03bcdb8a6357b09d0d2

                                                                                                          SHA512

                                                                                                          a5f898bb11638ba8717cdd4a6c43ffa8acbe1b0e8e02631229818bb7648a72817a7d8c1937ea1b222eceb2f014038e4b1a5b1f24b7e360869407848fea17ad83

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          17KB

                                                                                                          MD5

                                                                                                          78fb44cdd5c22f20751d98bbf871be06

                                                                                                          SHA1

                                                                                                          b3da16e2107554880a349d731971e45a431a5514

                                                                                                          SHA256

                                                                                                          2ebc791df2c921192837d9c155273daba9617fcf7419deeced765ece42602836

                                                                                                          SHA512

                                                                                                          ef64975ab099f5c187ea6da68fe09130c03bd1a5c56e7f8864d18a899fa1b70fed9825fdb1107a309dfbe98c6dff95ea57ee7ef7274ae09a537080b387aad3be

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          18KB

                                                                                                          MD5

                                                                                                          b09d47d8da9d328c81f544dda5e58eb6

                                                                                                          SHA1

                                                                                                          0a4e95f7a47aa5c134794b4cb6e1b1235fd0b193

                                                                                                          SHA256

                                                                                                          cb72c48ab1b4e5680245e2c21199387f74b3f89cac7601497c0156ffb987fca9

                                                                                                          SHA512

                                                                                                          1ca0d514184eeda6ffec9bae185d629ce2c7ac55cd7de20064b3e14013c735660ba817c90986c6e310248027e183352237420ae415bc769404ac9ae50e459d11

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          5KB

                                                                                                          MD5

                                                                                                          ef9502f19ce34b18b8a0dd8527168f07

                                                                                                          SHA1

                                                                                                          6fbb9d9daf88bfc8767f1eb61960db8c84fc061c

                                                                                                          SHA256

                                                                                                          544babfa38e61a35f8c76d9afd5fb2c1e7f7560eb31179427eb20f9d6545a4ba

                                                                                                          SHA512

                                                                                                          f2f5c44ed0ed1e3fb3b02b909fa7f8986296406da0cabe53eb8e613a61e48e1dc3fda88cbfc199f9e64d1da00bb9b503639800c88506d9bf0ab411795da5347f

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          7KB

                                                                                                          MD5

                                                                                                          2cc96f4ecee1c6211010f6afed3731a2

                                                                                                          SHA1

                                                                                                          7125bb738c34ef5c80aaefa7bef9efd028be9396

                                                                                                          SHA256

                                                                                                          e0f2b1ee7d9ef8e61794de51b852c61b8b04bd7550b1766ecdd976ce41ede670

                                                                                                          SHA512

                                                                                                          0cd99fb07e685d69d565dd73279c643e9c9a0937faef1a360baac397f65d7e21dc73477d6132c50e5b81b9163bc9032eeae1fee4cff1af44a283cf640c26c0e1

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          19KB

                                                                                                          MD5

                                                                                                          93e90f16844d6b6af02e9596e6caf88f

                                                                                                          SHA1

                                                                                                          869cc7f0fbf30207c1f41521124386cf5030f6d4

                                                                                                          SHA256

                                                                                                          98cbebdcc4dff7d93459e338d6a33a773a8ab111b77cc3ea7f5c57b3951a482d

                                                                                                          SHA512

                                                                                                          a8030fa9db61c67f0cf3cf727727a473aad64c9f4182a7b8788912b05ed4b2ba0df14abf7c10ab05a5cd910f391f8c0fba77e34a1608cdee2f78af86334df6d9

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          6KB

                                                                                                          MD5

                                                                                                          31883c1e7079d7486f57362d626a95f2

                                                                                                          SHA1

                                                                                                          bb93cdaf0c7c5c975a7b28997839ed254fa5f2fb

                                                                                                          SHA256

                                                                                                          b0599d1c2b40e75f48a81a6814ec6972752f7345d4dcf54f00210c1e5f0ee09c

                                                                                                          SHA512

                                                                                                          39e8c112f8db9569a48d53dc0288aa953aa03360d1f52e5fc9553c5e84cbbdbf44ac0a67620275d54f49401e1270c3e2d9574222bb9a2b4159ae5467ebb26c07

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          19KB

                                                                                                          MD5

                                                                                                          4c50155cb0f2a32dda608cdc6d0b2f6f

                                                                                                          SHA1

                                                                                                          19a8fd1e4930c04e792430d549255355f0abd611

                                                                                                          SHA256

                                                                                                          4d1173a1e4dffcc1ae93ae31f8cbe356e9bca35a1f1e220073e954e51f7b9dee

                                                                                                          SHA512

                                                                                                          4e7c25832971c4fd8791b90626ed31e0ca7cd7df7b82389a76ad929b26852dcf3ae57e6f90210a44877ec5146ce5804b56647df87dc69c36eb509c77b053281e

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
                                                                                                          Filesize

                                                                                                          16B

                                                                                                          MD5

                                                                                                          46295cac801e5d4857d09837238a6394

                                                                                                          SHA1

                                                                                                          44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                          SHA256

                                                                                                          0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                          SHA512

                                                                                                          8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
                                                                                                          Filesize

                                                                                                          72B

                                                                                                          MD5

                                                                                                          ac7d395f465e4d5cebdcf395e9e2d68e

                                                                                                          SHA1

                                                                                                          d0673533814eca6417f378cd95beacec3b24ccec

                                                                                                          SHA256

                                                                                                          7cd1b877b4d4e01513bcb3d168e6b3d4fdee7eee3de20acf9d41d68652f5471e

                                                                                                          SHA512

                                                                                                          bbbd1254525b63ae365eead90411213cba214fcac09ab51865497c41a98186cc9c9d2969e5992b3af6f059b8ef0aa89e30707634891830e403eeede90aaf7a3a

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5938f8.TMP
                                                                                                          Filesize

                                                                                                          48B

                                                                                                          MD5

                                                                                                          3193e0c920f9a622417609e01b195525

                                                                                                          SHA1

                                                                                                          8291bb802d758ce161cf17136a7553b2312d417d

                                                                                                          SHA256

                                                                                                          8b04e94c37e7f145d113db643c0048c27ab9cdf23bd3438c2012225e24871676

                                                                                                          SHA512

                                                                                                          007cf378177298d8b12e2f24db8ef945e48e1613276753e105de84ca6df16709ae4669792246dca3e2c285c2d6e9e20fac5f5223d8a3e76b22c6a1d274378a96

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                          Filesize

                                                                                                          6KB

                                                                                                          MD5

                                                                                                          5d56b767300b6d5158a304904f017496

                                                                                                          SHA1

                                                                                                          e259f0848e1334d8bd8d5f593f3e7f0f09cdf643

                                                                                                          SHA256

                                                                                                          3bdc1d1bec22162c4092bd78c99889b42177513fde4bac91b6f4643b6449ded3

                                                                                                          SHA512

                                                                                                          d50eacd2bf03e6d85807f42e27198e068daa3fae1a9b2ea144807156b6adda2e41a987f1b400997ada8d2e6e32a1f99fd8e4b33d62532e8dbe47176f7fc013b8

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                          Filesize

                                                                                                          6KB

                                                                                                          MD5

                                                                                                          9aeea2d69b2b7be7b6dae6be694789c0

                                                                                                          SHA1

                                                                                                          20dc1e0fe107fe4e5737f0619741ca29b2cfdb80

                                                                                                          SHA256

                                                                                                          7c9566739dd0ac015b3d25f75642f616e526fe43c1181fcb11a22893059e4a38

                                                                                                          SHA512

                                                                                                          5412cee2dcbca8ea902189bc3d6d6d4a781d39cb62752616fb8343a3f8d78ba90fe23175d0b4d906ad80dc930aaa8d4952994fe6a4674861c60c2c3e5441ed75

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                          Filesize

                                                                                                          5KB

                                                                                                          MD5

                                                                                                          795675fa5d4a83012cd2a4d54bab5cf0

                                                                                                          SHA1

                                                                                                          b472147b90f970e1e0fb3c1c6187723d93343f8d

                                                                                                          SHA256

                                                                                                          aecf928c1564fff4eb4788e60b129abb54270677f887adef1807f7a509b97cea

                                                                                                          SHA512

                                                                                                          2b4a056f4330a246e5f6fae014879f993174fb3700928784e1dc940c02f60f0314808c1d9d7b57bf25e5e9fdc3b5e67cb635c1661117fb2ac1d258ac41aea37d

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe585290.TMP
                                                                                                          Filesize

                                                                                                          4KB

                                                                                                          MD5

                                                                                                          83b9f4f77bf71e7c34eefb1900eda6ab

                                                                                                          SHA1

                                                                                                          9f33905312e359244b6c6d2e64f7d1e663bc9821

                                                                                                          SHA256

                                                                                                          b8b4cbd882c0aca0f684b14e5dcfe8a40ec9d1b979fc5840455a55d6d8d7f4ec

                                                                                                          SHA512

                                                                                                          473916ab301961b1a448080bcccfddbbdc68849f8094b9b7448cd0f316ea2372db995a47ef971b2f310c9ad974d067457869c292c837b7ce8e716dd069c08dd6

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                          Filesize

                                                                                                          16B

                                                                                                          MD5

                                                                                                          6752a1d65b201c13b62ea44016eb221f

                                                                                                          SHA1

                                                                                                          58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                          SHA256

                                                                                                          0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                          SHA512

                                                                                                          9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                          Filesize

                                                                                                          10KB

                                                                                                          MD5

                                                                                                          af98985a7a94e55f8d51217d10b40ec5

                                                                                                          SHA1

                                                                                                          da3d3c0df85c8418b29a68e36cd74e18fc213af7

                                                                                                          SHA256

                                                                                                          6a8c51cf64b46ca6a2607e34b9f8dc88f91f27e395f183032f15eecaeb9af27c

                                                                                                          SHA512

                                                                                                          1627f786fd47313ede172c665b014ac67a3ab56f612080769d832c6c1f0472a35ae24522ce83adaa3810e7c82d9ee6acfdbfcdf05f4c7e246ffb06edc3d64f87

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
                                                                                                          Filesize

                                                                                                          10KB

                                                                                                          MD5

                                                                                                          c63b46cfc89ad8a9e657dd2eacb63662

                                                                                                          SHA1

                                                                                                          f0b83dd15539a5ddcc9a7dabfe37aeed6af6f7fa

                                                                                                          SHA256

                                                                                                          2944d1bcd6bbd8db90ecb61d97598c019313ece796782081955bf322abc3e0e9

                                                                                                          SHA512

                                                                                                          99a81e31cb80f5b364aba8bd570a3573d9d2bad8c91fbb2d16aa60274803c9c638c571585d37b5a96716f36b49b4e0e7540f5396b0d9efeca5866cde20e362fd

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
                                                                                                          Filesize

                                                                                                          10KB

                                                                                                          MD5

                                                                                                          9333dc354e2f8fab6273348b596354ce

                                                                                                          SHA1

                                                                                                          7ee5969f966f4cea4029df43a25e2d5c65963eab

                                                                                                          SHA256

                                                                                                          2743b25fbc19530f22af236cb5c46a30549907965c3a1882d2343625b43c2aea

                                                                                                          SHA512

                                                                                                          d17f68326107dbccd25289e2d305f13f179ecc1de62859b8c782e043ccb99e8ebbf22017553b424feea84c62a429fe7ac5ed7e92c0bab91f26bd8234f80bdfc1

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
                                                                                                          Filesize

                                                                                                          10KB

                                                                                                          MD5

                                                                                                          a1a83571d21e4522b1d3f5f1bf9f83ca

                                                                                                          SHA1

                                                                                                          5b7d659adfab9b4b7baa2f0a331aad9b87d0b6f4

                                                                                                          SHA256

                                                                                                          0f4ded27250cd8ea538d0f2559b2cb95d78761b20a04f94a8142361752f6aca5

                                                                                                          SHA512

                                                                                                          88c864a04e0fc3658d48608f1de58e9e9f41ae70d4a703b15cd6b4fd165da3ba3a722ed58b8b2b9327a4c7c738c96958582d1ca87bbe118375945a83de211902

                                                                                                          Download Submit

                                                                                                        • \??\pipe\LOCAL\crashpad_1756_CHUIQFSUWVHPGTQI
                                                                                                          MD5

                                                                                                          d41d8cd98f00b204e9800998ecf8427e

                                                                                                          SHA1

                                                                                                          da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                                                          SHA256

                                                                                                          e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                                                          SHA512

                                                                                                          cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                                                                          Download Submit