discordrat | hxxps://github[.]com/Yodusa/Discord-Account-Generator/

Resubmissions

28/09/2024, 17:27

240928-v1eb5sxejn 10

28/09/2024, 16:55

240928-ve8nvsyfne 10

Analysis

max time kernel
90s
max time network
87s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
28/09/2024, 17:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Yodusa/Discord-Account-Generator/

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI2MDQwNzQ1MjQyODUzMzgzMQ.GYv6Cs.bHorOgR3dzpv33F18dZaRpWKB43NnKIjozVcS8
server_id
1260407315073597510

Signatures

Discord RAT
A RAT written in C# using Discord as a C2.
stealer rootkit rat persistence discordrat
Downloads MZ/PE file

Executes dropped EXE 1 IoCs

pid	Process
3384	main.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
120	raw.githubusercontent.com
121	raw.githubusercontent.com

Drops file in Windows directory 6 IoCs

description	ioc	Process
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File opened for modification	C:\Windows\Debug\ESE.TXT	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Software\Microsoft\Internet Explorer\Main	browser_broker.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Software\Microsoft\Internet Explorer\Main	MicrosoftEdgeCP.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133720180613030213"	chrome.exe

Modifies registry class 64 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "644"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Privacy\InProgressFlags = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI\IsSignedIn = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\PrivacyAdvanced = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionLow = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "543"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\DisallowDefaultBrowserPrompt = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "3813"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionHigh = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\Main	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CacheLimit = "1"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Revision = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-Revision = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionLow = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 9a905aa8cb11db01	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\NumberOfSubdomains = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "705"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "652"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "1"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Explorer\Main	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListDOSTime = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Privacy\InProgressFlags = "262144"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-SubSysId = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content\CacheLimit = "256000"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Explorer\Main\OperationalData = "1"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "3813"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modif	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 33537ea8cb11db01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\NumberOfSubdomains = "1"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "604"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3684	chrome.exe
3684	chrome.exe

Suspicious behavior: MapViewOfSection 8 IoCs

pid	Process
5068	MicrosoftEdgeCP.exe
5068	MicrosoftEdgeCP.exe
5068	MicrosoftEdgeCP.exe
5068	MicrosoftEdgeCP.exe
5068	MicrosoftEdgeCP.exe
5068	MicrosoftEdgeCP.exe
5068	MicrosoftEdgeCP.exe
5068	MicrosoftEdgeCP.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	4468	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	4468	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	4468	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	4468	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2908	MicrosoftEdge.exe
Token: SeDebugPrivilege	2908	MicrosoftEdge.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe

Suspicious use of SetWindowsHookEx 7 IoCs

pid	Process
2908	MicrosoftEdge.exe
5068	MicrosoftEdgeCP.exe
4468	MicrosoftEdgeCP.exe
5068	MicrosoftEdgeCP.exe
4316	MicrosoftEdgeCP.exe
2908	MicrosoftEdge.exe
2908	MicrosoftEdge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5068 wrote to memory of 2020	5068	MicrosoftEdgeCP.exe	88
PID 5068 wrote to memory of 2020	5068	MicrosoftEdgeCP.exe	88
PID 5068 wrote to memory of 2020	5068	MicrosoftEdgeCP.exe	88
PID 5068 wrote to memory of 2020	5068	MicrosoftEdgeCP.exe	88
PID 5068 wrote to memory of 2020	5068	MicrosoftEdgeCP.exe	88
PID 5068 wrote to memory of 2020	5068	MicrosoftEdgeCP.exe	88
PID 3684 wrote to memory of 924	3684	chrome.exe	91
PID 3684 wrote to memory of 924	3684	chrome.exe	91
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1248	3684	chrome.exe	93
PID 3684 wrote to memory of 1940	3684	chrome.exe	94
PID 3684 wrote to memory of 1940	3684	chrome.exe	94
PID 3684 wrote to memory of 4772	3684	chrome.exe	95
PID 3684 wrote to memory of 4772	3684	chrome.exe	95
PID 3684 wrote to memory of 4772	3684	chrome.exe	95
PID 3684 wrote to memory of 4772	3684	chrome.exe	95
PID 3684 wrote to memory of 4772	3684	chrome.exe	95
PID 3684 wrote to memory of 4772	3684	chrome.exe	95
PID 3684 wrote to memory of 4772	3684	chrome.exe	95
PID 3684 wrote to memory of 4772	3684	chrome.exe	95
PID 3684 wrote to memory of 4772	3684	chrome.exe	95
PID 3684 wrote to memory of 4772	3684	chrome.exe	95
PID 3684 wrote to memory of 4772	3684	chrome.exe	95
PID 3684 wrote to memory of 4772	3684	chrome.exe	95
PID 3684 wrote to memory of 4772	3684	chrome.exe	95
PID 3684 wrote to memory of 4772	3684	chrome.exe	95
PID 3684 wrote to memory of 4772	3684	chrome.exe	95
PID 3684 wrote to memory of 4772	3684	chrome.exe	95

C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "https://github.com/Yodusa/Discord-Account-Generator/"
1⤵
PID:3400

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:2908

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
- Modifies Internet Explorer settings
PID:2792

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:5068

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:4468

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:4504

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4316

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
PID:5084

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:872

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
PID:3684

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:2020

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff9d1709758,0x7ff9d1709768,0x7ff9d1709778
  2⤵
  PID:924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1528 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:2
  2⤵
  PID:1248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1828 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:8
  2⤵
  PID:1940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2072 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:8
  2⤵
  PID:4772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2960 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:1
  2⤵
  PID:1400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2968 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:1
  2⤵
  PID:2592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4460 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:1
  2⤵
  PID:2076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4428 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:8
  2⤵
  PID:4228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4756 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:8
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4664 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:8
  2⤵
  PID:2392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3840 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:8
  2⤵
  PID:3204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3920 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:8
  2⤵
  PID:648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4668 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:1
  2⤵
  PID:3844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1364 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:8
  2⤵
  PID:828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5596 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:8
  2⤵
  PID:4704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5608 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:8
  2⤵
  PID:4256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:8
  2⤵
  PID:4948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5576 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:8
  2⤵
  PID:4972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5704 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:8
  2⤵
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5308 --field-trial-handle=1680,i,8854450815423164043,578842648039164237,131072 /prefetch:8
  2⤵
  PID:164
- C:\Users\Admin\Downloads\main.exe
  "C:\Users\Admin\Downloads\main.exe"
  2⤵
  - Executes dropped EXE
  PID:3384

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5024

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
b717e37bbc096a5a7658eeeefa3c664a

SHA1
8581be43bed6a087b486fc9346152ac13cf6105e

SHA256
ae4850f9e513f0e9f102fdc075f885bdf1b42f1e3b1b9436dc79f179f2eeb2c5

SHA512
8cc6624d2bac2064f8b58d3f7faeab58a599e8d4d7fa36f2e79f537fbdc7bf9fb24c5885fd7ef1922a20968a6fd0a9534cfdd0ba3aa152f721ac37eb48f5994c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c58502849a3b2f0524e34cd3928b5355

SHA1
f3eb93fd7582d7d4d77c2eb5a1cb6fb0b39538e5

SHA256
12c98ce6d28d4ca78d555f89568b28d09440277149495e234cb51394fa900438

SHA512
daeb17ba2419ffa76f594919536ddedc267a4f03df4a6b9c4eaa4c2b8070ff01ab367af7cabf0e3938edfbf8aece0fc3a12c904557adfe36b884a27e1e3095c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b8ba50cb1204f558e29368507594e3e0

SHA1
415224c7168b6d1c20df2efe1afed2c1f5765c39

SHA256
8c2417ef030688b91f96e4aa42c41f058a73adfafdf2834e4f3d6155e432251f

SHA512
025f0da0dc7bf3edc70fd8edacb157bdacebe578331e0eed581b0e586cacc5643909f193839f7dffabf54afa6375725e08afed95b19a94d89c7722d8bb8b70aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
47f30015f1fb678367131baba643c4d3

SHA1
1dea453d5e575ee85f949a6556f8aca8d6ce9426

SHA256
a0e0dcda45a3e7ea1d891141de7504d9fb9884da9a8894d9b146bb953c43acdd

SHA512
4bafba3dfababa37c29afeba93fef444d2cfed0b3e84126d332142da041186426e3178ac6594c22deef924704b948fc1a9933bfd773f2a6ade75b8f020ebacb5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
42cbf76da371bb61a256240b659ded3c

SHA1
7759fae6cce9b62de69ed325faab9df085426636

SHA256
5be337126457f094911667e4c3aecbdf6ce192fd993edce536ef423d63ea4fa7

SHA512
a7501c8762e7761344d8c00aaa40fccbc079207a8d893687eed54583209eb846d2d82cd63549dd847db70110b138a57b31bd88a92d16decdf6c43eec2a63878d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
24808b4b7de1f60887891fbd9c887fda

SHA1
89d5756f7620a0251bb296117a47c646751b46dc

SHA256
6d687d11bb24d2f0b8f43397af69fe0e91473e6ae4d49433d733c3b2c61a485e

SHA512
8bd2e6a944f7c10667901511eb688b8058e86e925b67647d5a2a622e51721b4cbc7c5af1c82c8c91780f4c6861a6f148ec1aa55890ddfccee9773642a3419c17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
b7fbc4498c7a79f759d200123c7a972b

SHA1
9ed27055cbab0a8761f681c6034e82ce21ae2034

SHA256
44dc62624a4b6a302989fed77e8b9af0f4fc731dfab88c69eeadde55efe67bed

SHA512
f255b8c59dad385fe52afad90f238f7171b0476e0d6fbb612342c5061953a87f7b8001868339dd49687c206a537593bcdbf2f2c4a0126cfcc0d8e64f8ae83568

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
309KB

MD5
ddaf90576c2f386e83b17e4c2f751937

SHA1
cf8b49a7952fb185b16905b585f15c935ad5bd57

SHA256
9f405e95fcb37a2b831566fac41a695849d0acf31df8c7b940872654cac29cd7

SHA512
6b726edcc47580792a59d915c29d8c9a62c29fb10458e42ffe1665b3694d41aa9e7add3cc273f2955a9a72ad72c7b5eda92bf35eda7fb218cfb9d293a6e7a770

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\User\Default\DOMStore\UVVSJNEF\www.bing[1].xml

Filesize
1KB

MD5
52dc2b4e9c5c7e9fd3284216f964f8fa

SHA1
1e3c189c56367005e94b7fd282393ea2a610c215

SHA256
a77d0431dd6d5632c56fb0262a2cba5389d4032aa89cc4064394c06193fb12d0

SHA512
a60b99c57371f329e9951c37a4e93f610bfa88cf5c0ece52d7b4bb42699c3f247607875da1fa99f8116c6b51118fa5cf3eae2625688df0b26558ee5e74890165

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DFA18D6DB872145E93.TMP

Filesize
24KB

MD5
d3cdb7663712ddb6ef5056c72fe69e86

SHA1
f08bf69934fb2b9ca0aba287c96abe145a69366c

SHA256
3e8c2095986b262ac8fccfabda2d021fc0d3504275e83cffe1f0a333f9efbe15

SHA512
c0acd65db7098a55dae0730eb1dcd8aa94e95a71f39dd40b087be0b06afc5d1bb310f555781853b5a78a8803dba0fb44df44bd2bb14baeca29c7c7410dffc812

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-6faacedf87fe[1].js

Filesize
17KB

MD5
e26b7d5406a2ffd2cebb7069e6d8205a

SHA1
0ae2c5125267b01c95f090ada0661646bbe9fc54

SHA256
52a2e372d0d91574009c664f146ed4d3506f4d8f2ae6cb749049a17daf769702

SHA512
6faacedf87fe21f4f90aac47a9a1369fe87e2638d9e227441078d0e9815250d2253ccb5926a42aa22d387cd630c98107f998be8feabe76b32f6054f38dbbc4ed

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-aeae6fcdf371[1].js

Filesize
11KB

MD5
b2958aff0cff1327739cb5f8cb1e6f5e

SHA1
db1cf967cfa841741e99dff1a862bc7f71a921d0

SHA256
964c451b19206c8d5c38eef573fbaee22d5cf16153d7fa5d3e1ff6cc6bdea180

SHA512
aeae6fcdf3717d89b8aa808dde59986fd48dd3d8d03cc9ca6072e3537f34ca564bc5202b4034541441feaadc9e30fc519d6ebf45bfba1f30ea740e0d9f07da42

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-ab87c1d6c5c8[1].js

Filesize
13KB

MD5
b21890d8481d25b90a00e3ed03b50ed2

SHA1
076a919247341bc75956932151e5503dced4506f

SHA256
c9b49f15328cbeb36c21dbd6d8a92d7a4b49e0deab7f160db26d9873610e7779

SHA512
ab87c1d6c5c8ff03e5e5bd8862d2409142547b55b646f13d4359a3bcafd07da55b216511dbd526c93956b3f9e7370f9da9beb6d013c1a6f70aa2f44bb363ac17

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\app_assets_modules_github_sticky-scroll-into-view_ts-112600808cf9[1].js

Filesize
10KB

MD5
df07a1b760a955a9549078fd16f19934

SHA1
ff64f8bae2c22502111201422afb4f64aac7ebaa

SHA256
3cb902578dbcc1d6a3b67aecd7ee7f6dd086a3093655a292f78a8e3c6974212e

SHA512
112600808cf97132db023097b068afb0b49f7019b4333ec71f7fdb4070d69f6027541eb9437e3091c2910d47dea3a4be4a9aba67dcbce3d738897e6871592f21

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\codespaces-3bf9ff7d0f93[1].js

Filesize
21KB

MD5
b8c2534e445f292cce702b46c610025c

SHA1
388bc91cae90d88e3f207a25c3ec7d4f2c756088

SHA256
3bc36c58a41c5c23dca4708cf4f3efa034a3fa08ff0b811473370fb6c2650bf9

SHA512
3bf9ff7d0f934590f831d64760e1802c7c6115ab1deec04c805904746275102a766b6481a982d419c3dd7a6cd6a85711fd54db471b16851e45ebe08614232661

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\element-registry-e8367c9dad23[1].js

Filesize
53KB

MD5
92b74b815c5d7c5d4ac0fb112db13d49

SHA1
4d59b945ac55181cbe87977df956a4ff5824adfd

SHA256
9f3d84026e97f0a1588272eac92edeeb5e9eae1ab7e7f8774e1c86c7ded5ca0d

SHA512
e8367c9dad2387e89292efa32c4791a5ac482e2d6c3523635890aece13ad33cc04b20617707e22dada935f2871c5aef3543bb6165edcd28f7661354304df29b1

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\github-elements-36d7dcef5a08[1].js

Filesize
36KB

MD5
1d569d64013262289df2a9e2142e67ea

SHA1
1e841e7834bdfb749b8201a5ffd566a118b08b1b

SHA256
c42aff1ab41b4d621a803ea8a6974fad0aa7046a0dc40eebe748be80a93801ea

SHA512
36d7dcef5a08823300078f6b7af0cedc81b45bdd627f0b1909223cd7535acdbc851941702426574a57ea4faf8f049acbbe090bc5a3898a33929022a9d179c929

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\light-3e154969b9f9[1].css

Filesize
48KB

MD5
dda4611c92e86740cc9ea1301c6ea9f7

SHA1
1d20bb0250a31e8f62cd738a41881d0155ff9726

SHA256
16299e8062cd02bb5746969f27f13765ff6ab6108a88fe69925007b65134e0c0

SHA512
3e154969b9f981782a137ade0196adbdc3919c451a134f632b4f748faabd3136e76013775f56bf3acce47e40b389a209ba3b9ae7c3b554f4619e861c128d1de9

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\notifications-global-54f34167118d[1].js

Filesize
11KB

MD5
05e151ff3fcbcd0d995cc40fbdc541d3

SHA1
eb2f73aa190834b9fc5b6c1dc1bf825a596a68b5

SHA256
172e0baa0a86380302c90584a0abe6c4154ea76319987790399a437f202af72e

SHA512
54f34167118da8d30df24005519ffd6ead0f0fbd0835a40e689c062a1932faea9563e3506fe6ce903f837855b69a60dad9e400483185f716c9d7b6a1a0a9c19c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\primer-primitives-4cf0d59ab51a[1].css

Filesize
8KB

MD5
095a01e2f3bac9b2b48bb28ad38a4a8d

SHA1
91855599af787299cece3999adaa4e440dff84dc

SHA256
555bd75cf2fad0dcfcbb3578d074a907d437f0832629f3d6f83c9cc4ae8b4eaa

SHA512
4cf0d59ab51a237735819fe02c3b39528990b6717c4d555dad7053a842ac428aad3166e66699e3277cd4d4d3a3e779b4896ef42b1c26934e0349b706d3c077c1

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\repositories-d27a99fb2b65[1].js

Filesize
63KB

MD5
0b3d5f0809a8ae1145e209d95fe17131

SHA1
61548effbb2052e54153268033c7ce7f4910fa19

SHA256
1d3c7fbcf750f767e109dd588176b88e3c98e6b95219bc9c6d0e1896e8eacaff

SHA512
d27a99fb2b656bf0665666652b97f9ceda6412041e53caba8cbeed505e37c216cb19e86b2d971fc27ed56114810dc158e61fca5427999239499f268905f1fe8d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\ui_packages_updatable-content_updatable-content_ts-3f4401350bd7[1].js

Filesize
12KB

MD5
fb17dee4f53d0bbab48142b0346696e2

SHA1
487bc2510708c4bbc0200938417eba04e0fc23c5

SHA256
0292f0115d49592140765c755e25d4391a280094e8492b36986aee28670e9ce4

SHA512
3f4401350bd7c887eb798d2dad80b84742ffb948051c33d8b86a2349fa88a763dea27e60f735b45f50b53bd1f515b7b28e1f100fdc7d7eb298da7bb573a921ec

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\vendors-node_modules_color-convert_index_js-0e07cc183eed[1].js

Filesize
12KB

MD5
b36809a997ce5e5ad8b0b4f661ce60d1

SHA1
fff11cfd01b744a770de926e13dde8f546e565e7

SHA256
687890a8b37083fcbd85fe5fcd960a6d80378b01a5f86287f207bb7c807b5ee8

SHA512
0e07cc183eed2b6d1302e51254f6b4f204a920873dadd83581483d52bf9a2e6537ebbb0417eb04567411dac64232653a0d046abf2c31c4809bc72fc6603b0749

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-bf7e5a3732fd[1].js

Filesize
11KB

MD5
57ade457a2db48ce3827acaca61735c3

SHA1
fa201f97596c327ac68bf39600e91f3edced1368

SHA256
6e2d6a3eff85e0161488a91b33ec517d2aa727580a74be88666b47a0b4459a71

SHA512
bf7e5a3732fd2f07f6b274beb43d15397f077fc66beede98f59a295819dfd2814c935729244fd1eaa99a6788810b64cc00e57c846f3b0c02fa6ac514ffd2a3b6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_remote--b0e14d-7fa7d230862c[1].js

Filesize
26KB

MD5
6e09c8bf7d1a84bc0707883b97671aa6

SHA1
4de8bf1ceafb2ae6d90da7d47f2a6e0486a7ab0b

SHA256
077ef0726f2a478ac8c9254edad5a8f89bd8adea2f6c358e1e84322b42f20f3c

SHA512
7fa7d230862c650936b74cea9744bead51425a6ca9db927b936ee22ee5161bfc6a5031afe87ab22161155f9712fc31a5aa0358da3e588981279181db3479e657

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-eb9d54-74622d897749[1].js

Filesize
116KB

MD5
67815be1922b496cba8e74fda1299926

SHA1
19a13f129f864ffb8230266b6a4df623aec60b90

SHA256
5143f46cb83993afd7201af3de0d20277e3298af9fa1285e1643e96b1fdf6947

SHA512
74622d897749656fb8482f4dfa71e55bf70e00b4ecf7672332588d8001f9f83066fc3bf21f76729007d62ce9044bea0c97951dc3d663c9ddefb2ef1da744a9e7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-cdab1b-03eba6ef6933[1].js

Filesize
13KB

MD5
e3b4c4c1c984d5533758318f4c55a2b4

SHA1
f8151b35db939d39ee824e54312077443acea07b

SHA256
ba114c58445b50996c2e42cc9c4e777f920b4ce9591c37daf3d4ffc676027fc8

SHA512
03eba6ef693310eed415309f05d3be28f20b8429eb59c4b011170710539cbedbd016a1f400ae8c440b5cb2633817afa3e72ac4c19e92433b6651aca35ba41962

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-d1a841-8f251a0656e7[1].js

Filesize
22KB

MD5
8c557e610c6b359c85f8e2fb2d7d7a89

SHA1
2047d14a8a0a01a3fea77da84585c89b9bd9875f

SHA256
1d3779a9c6dd13af8d7f1e60be1c2e4f08dcfc03a6921c0a83be4f49d631cb6b

SHA512
8f251a0656e7712b5b54eb6e41e9b4fb2a7f0ae4ee6c65a03ecfc0bad475fdcc56191fd588d9fbe7f93bdafd2545d37ede16ba0e8d03d3f4d2aa986fab7c9087

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_delegated-events_di-e161aa-a6774a3bb897[1].js

Filesize
10KB

MD5
55d1e81999da303c702374ce14cfb07f

SHA1
83eb586387e63816f61564ebad48b615355c6997

SHA256
cf6e509a3c37b32688907adc460972f0108583d7a7dde35d30e5369b41df2430

SHA512
a6774a3bb8975f4bd429d756dc2c0c8506df9728ae2cb4c3b90b2ca4ede06870768d6c143055dfe94ba167f7c0a245394d10b3910cd0cf0ee419fdd194a12a30

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-6b2a62-6fef0f2ad42a[1].js

Filesize
17KB

MD5
e3e4857924d7fd2911636a0ba704101c

SHA1
648d5462e3b4b7f7f2821b2761b9124d608e71c1

SHA256
2932d08f82b03bf37304b22aed20c4d020d406161f5daf6b5cb48024462c5bcc

SHA512
6fef0f2ad42ab0f742bf3bd9b291dd4969bdf1415dd07d1248f7643cc0813e2f82406fd6a030ef3e0e18bf66c84be0d0b7ee3745571bc4368743aa17bb1422f2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-9a8cd2-373766bf71f1[1].js

Filesize
40KB

MD5
4deff3c4a3a151987ca471f575325c47

SHA1
0b3931a774292111eff8c127599aa6a815acb165

SHA256
ef13136eb8c31f7bd51b3b6e6825a265db9bf466c484daf5a5a41d6c4370532f

SHA512
373766bf71f10c4bf8a4acfb54ea9246996bdf3e7476d8688c6cdc5f95cf1a280e578d9d6c14a9d4a10d75693410ec7626b0fbe33f7ddcc839aaec8e928fdd53

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8[1].js

Filesize
9KB

MD5
fbbd4bcc22313de76bcd2b3e4bb12e0b

SHA1
1422fbb0c4a416eb66e429d2cf797ed29a70dca5

SHA256
8060d4de1a065854c98adcc50f292dcab8f424a9edbdd4aabb7409cc4c6eab99

SHA512
6cf3320416b89fca281c439927ac3d76da74f9463345a891c4904c8e50b476e21d11ed06aa2316ce770c36f18337aa4e2619bd3fd28a4cc8454d649110060726

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_stacktrace-pa-a71630-67856ad29bae[1].js

Filesize
12KB

MD5
b984696210a2c3f1453aa68bc3968cfc

SHA1
cee0b717b546322023326c967463cb85c1ee3e72

SHA256
b1a8eae7c45252f27bb068d7db3d9ecc7c493cc746f05523ae86a71c766e7eda

SHA512
67856ad29bae3587bf500a15af63375a25b83bb3fd3dea57dfb135c720e4885014eaffb6065f991844d8f09b0cb2606266537068cba0d90c10d3f0b0ce378a7a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\CEBP5HWF\vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-96453a51f920[1].js

Filesize
12KB

MD5
7b6a14cf341122f898139383421d81fa

SHA1
6a06ae26974d95507d4b2f08d89c726707f31349

SHA256
729874dd25b54af397b158e7d249fd5e0d0423d45bc2470a6bb1140a54e56ebb

SHA512
96453a51f92073faa4b763f80658bef3f14d005ddbb8dc157321c02080dde34df8a1b0ba665ce221019c067162dab88cfd5095ad09446de665ad3afcafe574ae

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\MNO9I2LU\code-5fa42525dfce[1].css

Filesize
28KB

MD5
8454fb297c45b53058776e2e57480d60

SHA1
1ae741b651bd5df6419e1db2973d18b85bc94356

SHA256
ccacc372cd4a9dd5cf0d1fca0aa5e3f590a688812672b995affa51e3fe19e148

SHA512
5fa42525dfced14f2e7d3363119c44bc1069c2b8d56f90f6a2aae610f8e38b5ce8ebad0fe481d18a66b73af070e95892aa82dd7cba963ff59e34b5ca54767595

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\MNO9I2LU\github-6da540aa3f84[1].css

Filesize
125KB

MD5
608c3ebeb14359b653d8596d7700ee12

SHA1
f167a192858899b2f4c9335477b6109733820d55

SHA256
c60f9a26a30e3f23e5054c5e408bf8453eb28546a43bc079f727a83b8f58d359

SHA512
6da540aa3f8454e84d7c2ca4a4efcf43cec110975fc1419d0da575b434e79c9af9f65547a4fb6fb504a17624c78db12b668aabdf799e4edc1cc5cb0c8a46f162

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\MNO9I2LU\global-103ebe55f9d9[1].css

Filesize
284KB

MD5
a676941d37c4bd302c8ded31c3d11124

SHA1
46cda49bf83e551189ce78e183c02ed235cdea9b

SHA256
f83de7992588f77860bc53f4a276bc860b8928271387c8584b4aee2e9b8f85a5

SHA512
103ebe55f9d9e6f984fd28f989295483d771686be3ff10ad992214f0b34405bf48d37073bfc18e716f8d3ee5463487982cabd607c2a2ae371f4057941e1ac3ec

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\MNO9I2LU\primer-fefb1a332c28[1].css

Filesize
332KB

MD5
ad0b6e40828a9f272af97c84e6e4d5b8

SHA1
8d7da19114bbe12914c66c78fc31ce29111a623c

SHA256
5e154c648de1db76c62a206e82c06a87da452d1e40ffb8fd65b2f206e2202060

SHA512
fefb1a332c2812530daac3edf706229e43a55903422494b5566ba35de8c2d8322367dc60046ace9fe404dfc67e896d82e75a5a3ea7a6e4e08206f845c37769c1

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\MNO9I2LU\repository-0f7cf89e325a[1].css

Filesize
29KB

MD5
1680289ab5dba7c7d2f122630b9c820b

SHA1
d24856e6233eb9a45e9b60e822c6dd92f32efa40

SHA256
81488a04cf8146db85d91c58695d5147a7a02d6ac61210d83decf90fe5ac9247

SHA512
0f7cf89e325a36d5dad6762760cd27d42e2b00c2adde6c5916a1872e536ad2eb02ddc58b4e5e67fdcde705677429cc8c353a8669bf0c4cb678b9053530716b0a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\MNO9I2LU\ui_packages_failbot_failbot_ts-aabfa4ec15fe[1].js

Filesize
8KB

MD5
84740cce33e5a31d80be06f32935cb50

SHA1
9e178476116ba28f58c4374546af052bd0bc0b4d

SHA256
4cfa417546406b106fe34920cf0befafed5d5fa40d1a723e121830132db81d3d

SHA512
aabfa4ec15fee097e1bbb782cc2cf111e627652ab5bb5dd9015cdaa1247db9ce605553ee0f297985cce3ff2a17cc0361e856d029fa8e83bc6c1972acc86aacf3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VSOKIDYP\Discord-Account-Generator[1].htm

Filesize
276KB

MD5
453fa27a7d523140172f5ab113013b7f

SHA1
5b00a39f0b1aeae99fb87f08f5d280c18b42a01c

SHA256
203b378b76c7775f47c36aa579b81a9cc47e9774e2048175965ac5d69b6545b4

SHA512
24b4c48229fba896aa5d10e06874056662632d7a58903faa6107b920245103d40e4d058ae1238e5711f23f0cd79cdd7ffbda9f73ef178ed72751c8ea480cec5d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VSOKIDYP\app_assets_modules_github_ref-selector_ts-00df584d9e79[1].js

Filesize
9KB

MD5
1eb64f6ceb00aa312e65aa7933353945

SHA1
b982eab4bcd320b994fff9f28b2efb49dbbcc080

SHA256
c758400e596d7b029c2f8ce60335349ab1c11f1ef0a0845935a221a03a07e9d7

SHA512
00df584d9e79169fb0674e21a5eaf54298124d08999b069cb2475e2f1af3486e343342f04c84f2937447cdd3b1a360585cf6afede8ac3a9a9a2f4d679971e088

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VSOKIDYP\behaviors-b32b736e8b72[1].js

Filesize
233KB

MD5
82fbbaa711f6c7394d037d08dff86ea1

SHA1
a54bbba7f332a50bbbeeae88e40b12324a83956a

SHA256
8f33909b5feb2be4bfd50663a69b226ceb0691107aca0d7a5eab3b9d5f3f973a

SHA512
b32b736e8b72ff942e1c6882837060028c2a24cb224416ba7aab6eab0217b5f120198d43888f5d5a7f34acb6d8ae9c12021fc44ce982b404434e381ee77e6c6a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VSOKIDYP\code-menu-ab2b8d126a2a[1].js

Filesize
9KB

MD5
d4f179f648ae8f976d468dc0769211c1

SHA1
11f1836253ab51d01734ce4bf4ddf585ac83829a

SHA256
8003095a53544892973a708176c26dbdf0d7d6458e6208d286508e54acc875f9

SHA512
ab2b8d126a2a7e04e4333403c4d4fb6c51a18ffbc0d85e8f57e63396d1cd7f222439acff8ece2d9e74704a6e89e87677efe59583e3c2c5c8199038691b72fe9c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VSOKIDYP\dark-9c5b7a476542[1].css

Filesize
48KB

MD5
c21f8fd1aa4306567381fc98c4658451

SHA1
8b1a242ba7d5c59596d31580b5b8f4a7bed32726

SHA256
396d793cf41edbb2964b3993c58be3224430678db6de696a3940d01eb3ab43b1

SHA512
9c5b7a4765424368e00d62b4ae89aff8c5b86fc4e93b09d49ac4d1b18f65ce9dfd3fae52e9ac25bb0d0a024ea9a08e638a36cdc278111cd7e62c5be38a1fd23c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VSOKIDYP\react-lib-7b7b5264f6c1[3].js

Filesize
209KB

MD5
c0772c4a7a3f6a29256a69e8feca82d8

SHA1
75ff0ed2d25d36f7c6e933030e691228e37c5264

SHA256
4736f0203a41862c10e5b93529b15897813bca088a8dc952250ba7c19b6901d9

SHA512
7b7b5264f6c11eb55aca6b7788e67f89f5638a53c75589dfebdb7e08f6fcad5b2555a90eeff60da4578ee429cbbdf1d886f55a30355d9386d7006241e65ee632

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VSOKIDYP\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-e73b311a14f1[1].js

Filesize
7KB

MD5
1f9e895454770e1761ae99dd4376e3ca

SHA1
1fdffc28e441a9c15df55dfaa565a3a27ac26e2a

SHA256
4e81ad5d4bda114b1e514c806f9e6275e1815cd20b5bc8036212537941d39445

SHA512
e73b311a14f1d2a0299829139774493c67a6b550eaf3a10b32496657c812b60d859ed364306d11e051c2d25fad6e4ebe7518fa62fc82f420517d3741a7f71214

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VSOKIDYP\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-f8a5485c982a[1].js

Filesize
5KB

MD5
e87764e4b54806bd9528e9413f05201a

SHA1
5d1c284dc8e2d047de24f8380f71ea9989d732bb

SHA256
a38e79c76a05e2473cefde9829cb125563e2bb06965aa3d0a41b314816bd1097

SHA512
f8a5485c982a797682c4138b024f83ea2669b7b7458c2d9eeb2c18526260e2dde0b3bc68d98415f8513e4ce099e46783a9ef8ad08b58929ca66972630953822e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VSOKIDYP\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_primer_react_lib-esm_Fea-39267a-9ffd541aafbc[2].js

Filesize
763KB

MD5
cb6851ddc7807226c028096f321d5aee

SHA1
a2ca26b37308fe17c9279824eda37d8c942185fd

SHA256
74d62c6fe0e027a4566c93c5279d0d6ec09c5c1df59d2a07efa61f7867300873

SHA512
9ffd541aafbc62319a2d45e6e30a41206d9d99470184d6c1cd37c2bba5526c763d1a09adf445a4ad9674df84969220742b14082598cd3100109b10d4974ad2a2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VSOKIDYP\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-e53a3f-a93feaebb7e6[1].js

Filesize
22KB

MD5
cdbab79c26aefbfeae8a0703643f1fb7

SHA1
50a19b970cef15cc4b5d188cb07fee1d689cd4b7

SHA256
ca214effe0729e1e39f32b6b4772b7a6cd6ad26d0fd8400c38e4b2de1275baf0

SHA512
a93feaebb7e672a29bf11ce262724a5ac0b43efc31562e84af86be7ab5f98a9ae28db742feacf6cb7a4792e172b7aef46b3274dab2b40303974eb4958340f8fd

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VSOKIDYP\vendors-node_modules_primer_react_lib-esm_Button_Button_js-f36ad879d477[1].js

Filesize
26KB

MD5
5816c9674bf39dc86b51744393bd575e

SHA1
3cc4a78a8e74d5d91427de149d626f9fcc8d305f

SHA256
6c070bf861c49e60e8ed381a33bdb17784d26bc93318c51f82849ad889dd077e

SHA512
f36ad879d477bd89096b9eb11036ec73935e71feb946b62a415f91c70722362e37b2b5713dabfa3388fecff9d026c1c24fbb6fcc80d1ace2426397d333625706

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\environment-2f240f7ed1b3[1].js

Filesize
4KB

MD5
7d6d4c80201b925d4aeb993e4f40af4f

SHA1
95e341beb912114aba5991310796fc50be5f189e

SHA256
7b35d9455560b39afa30c2db9993a6495c2d82d41212d4eac59ad6d7d320abf3

SHA512
2f240f7ed1b3963794a3e58a15205239f1f754ca88c00c0988d71b7fc472f7a6e2be1da811c063666463394703bd1200614427afbb06ad9e24f1e66b43079e4b

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-634de60bacfa[1].js

Filesize
16KB

MD5
6d0190b1025c7e9e086d6f5c11885986

SHA1
a28ddb8d44802567c12fb62877f4ba5d1dcf7e20

SHA256
395734038e039e2749fd0b9bed53f15debc1d391aebdaa05a3cbfd96e3a42157

SHA512
634de60bacfab016d7cb9ffe97df6b5b7533845d696adab4afd9ed684466e0b0d604a44b259c4569713ffd06e8f5d6a7d066162193b581e196d66e88c1b92bc5

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f4b251-f7c3b6081b19[1].js

Filesize
13KB

MD5
07db8fd7c0d6d1d98d1e07156a23c873

SHA1
26c0a8e9de88a9e88e96985613b9145ecc294d2c

SHA256
18c24a8fd0f795bd9220dbdd2ef08c8b0ee030dc0123af5a570555d94fc61dbc

SHA512
f7c3b6081b195e4be03cb8c99b16624a685f2f7a3c39a9bdcc0f8e439019e8ab6640a0a2673d5597dd1808f149371a05c9be8a9ad7f41759e6ba4a3433ce0cff

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\vendors-node_modules_dompurify_dist_purify_js-b73fdff77a4e[1].js

Filesize
21KB

MD5
383e44dccc233540968acb7fef070359

SHA1
18a5430a0b2ca2bf000d86e08c54506a353d7c05

SHA256
e099ba09d44edcddf0de12aa96dbc7aae4b03749e57b865b7310d1b1cb6a8484

SHA512
b73fdff77a4e401513d1f7f003641c229d65e0dac7f94754956cd8006e8cccb576907ebd697dc75e857ced074381175db487ea75bba2ccc8238e913e20fc23a1

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-247092-b9c7cf3107b7[1].js

Filesize
16KB

MD5
296c61843cf768161b75f8ba7db0803a

SHA1
a2fe171b4773a7ee5fe50b463cef3cf99585a712

SHA256
dc3a837b7d3d883b43e92ca92dd8172255ee4a8254ae3d59075c955156d0eebf

SHA512
b9c7cf3107b742310fca225fd701b7035cf3f8ac9438c3b1e0bc1eead2c0747fc1e8ff9849df20f13e8ee54054ec0e383e6a35919f89d8bcee7fb9e123ea7bb1

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\vendors-node_modules_github_auto-complete-element_dist_index_js-a164c5ea9f62[1].js

Filesize
13KB

MD5
203cb83362a88a295c23c88e26320253

SHA1
ba89a34554422d79c91873fdf7116cf9e4caf1c7

SHA256
a3c06fd5154472e1d8c8cbf2105912205a4fc75b9b6a75b273859edc30bfbe9d

SHA512
a164c5ea9f62fce49ae15eb21bd3f1a3bddc116674e712f7a53053fb64ade3c0aaee903a8d841ad82f8a54e658f3bb877076de25ac69437ff5529a3e4aaaba95

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\vendors-node_modules_github_catalyst_lib_index_js-node_modules_primer_live-region-element_dis-428401-bb66ac5d7472[1].js

Filesize
12KB

MD5
a44f9eb3477a549a8450000161107f30

SHA1
8c33e52e5302530fc81b1778b481fec3cc87cfd4

SHA256
786a1ab4e59176383051c433f6803078e766240ade009ed5ef95a125049b886b

SHA512
bb66ac5d7472c636ff906407e806667e737037673e60da2da8a825168ee04bf3298e47ccb0dd0a439251f8df9aa58b236686c88a5fca47d330844eefbcacfbd3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-f3aee1-e6893db9c19e[1].js

Filesize
9KB

MD5
047d853fec811d81d3c1c8ec87f9b472

SHA1
a35d29910fbca71733d28e49600a4d07cb72326a

SHA256
ad73313e109c376d8d299713e3d5c16844f4fa717efec02c2c7d35f86840fffa

SHA512
e6893db9c19eece62f53b50247b78b68b30bf4e2af9624f302551ac10d3e9d49cddc2f1097d7887ae525c2f58cf6a89ecec3872495803f4a4f78a496af5f3c40

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\vendors-node_modules_github_relative-time-element_dist_index_js-6d3967acd51c[1].js

Filesize
15KB

MD5
e89cac3e3116110f5678d2857d9803d4

SHA1
c357fa95477a3a0a1a63dec0e9d2433d172bd005

SHA256
bf6dfa6b068f933d79071102dd912171c8feea27e9bb3f332ec9e6c358e199a2

SHA512
6d3967acd51ceaed2dc7390dea496c2db52afe8eb556126ee2b2f52b0b127e2869a921146554e8d1809ef22c2aba53019700a283f4362d85b226ad6fb1f5871b

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5[1].js

Filesize
9KB

MD5
e131f8c9b77918aeb94fd82199a423d6

SHA1
71eaae086cd44a8904f39d27fb5387bb957976f0

SHA256
01f9a0ec0bb24312ae0395b6aa238f8d910dc35c08ef5a25a1e9cd8feac83c32

SHA512
f690fd9ae3d5a240e479fea97ac82940f136f3f2e0262cac840345f2b956123117ca94424dc354d90d13f1c0169c24b19526505bb2fad70c8c364899474a9495

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\vendors-node_modules_github_text-expander-element_dist_index_js-e40ed7658a74[1].js

Filesize
14KB

MD5
228c23e82e6508008d9d90c7c5e5d676

SHA1
608ba2203b26ba3953164f4cdc082010bbe5b515

SHA256
0a539066142a2dbf1e6dcdf2a49ee64839c7e73851a3c18cedec91f41df13b5d

SHA512
e40ed7658a745cfd613a689cfda47868a3075c0ae08eb872b00a606d310684bf20c98551f1aec7ec196830ac55c01f51985ad5e08a8b953583a306f23aaa1c20

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76[1].js

Filesize
75KB

MD5
bc119e97d7bbac343f62984dc8d4dcfb

SHA1
b7fe0a56ce370e54bad0aae6d96bf52cc192a03c

SHA256
09620d3f9286d39a8eee8f036655e3555fab6c6b6ea0abd84a466aff8ae3814f

SHA512
858e043fcf7611a217e05ae5a181c4addfa23f21a298036b48430fbaa153a7248777408c1238742e7f6c53cd6bb4a1d6b6f60344048fa3714df464ce44b902e6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\vendors-node_modules_lit-html_lit-html_js-ce7225a304c5[1].js

Filesize
15KB

MD5
b4de96241178473d9f682dea5a92e41b

SHA1
e274c147c9bcb636b3bf4f9df1acfbada27d8a90

SHA256
c823056c4e37d95cdee809f535000bb37b9c8d956ab0410c98a6f4a8fab4f47f

SHA512
ce7225a304c5935fa3fdab2e736d9738651ed0fa6f4503bb65deaee022bc03c3033170d53adc2c1a77c88904ea14a9603519b87990f04e47885209a53c893056

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-56729c905fe2[1].js

Filesize
9KB

MD5
2eb9961e08f81bdca617ddb67c2fb708

SHA1
15cb6d7ffe93324b38bb62bcc4ff14d1a57f94bb

SHA256
0f2cd40ad364711db1fee03cf9f6ca04fc56f5c3ba497dc476c5879e129d968b

SHA512
56729c905fe263a6b7978bc67c09b8dab69592e21aa9addba78866790bdb2dbd85e41e6a6663d511e73a8edeb75933b549b3c393a465748790a6fd50b337cee9

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\vendors-node_modules_primer_behaviors_dist_esm_index_mjs-4aa4b0e95669[1].js

Filesize
16KB

MD5
6c7c591d15bb45ff5685123849338fa3

SHA1
7f1c36b3fede6c0020efbe6daf49edea2ff28082

SHA256
a020d57ae1d21c34a4ce98538c1c63f112fd3b7a5e4809d377356df0d74b9dd9

SHA512
4aa4b0e9566911a02a88dd7c9489c05aee4819549b15d3139cc22c2e91dd44611bdd25754c8677bad0c239f59395eb9b62031cd8f1845f5d68dd57d71f790148

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YPDD35OA\wp-runtime-c60a0131019f[1].js

Filesize
54KB

MD5
d8c512a75bbe5f17f5e3578a17e996d2

SHA1
02bd948cc6c9a05b4d4aa0a4d043e84cb6580679

SHA256
e8d2c94136b814de69240782de60fe63a7021026d81fe0d6908b5f311f2ef9ab

SHA512
c60a0131019f2923b92b2fd0bd7dd6cec52f658555a74745bc6d4c938f5e5ba8f5260d349151bbf0f62f51583a125aca70ebceeff95ee402cb152238f024d325

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\IFXV1ZLN.cookie

Filesize
167B

MD5
a19b744fe89d30c0417b068e1714389b

SHA1
b10103a1c1028352ba907da13aa5d55fbb3e1ea6

SHA256
ddf29ae43387cce83ab4f569500c103bb73f8b1745cb432224a0f875b631309d

SHA512
73ce733bc9900b334b2597867faa2596505cd16d27877ce655d68a19c2bab51b899d2b913e038297746a040252bd61b6c0e7afcf681b72e7beef515af5ff94c8

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\A66A8DB907BADC9D16AD67B2FBFFDD5C

Filesize
281B

MD5
905257f7bc2aab68616198d11d70b356

SHA1
362d9bb17af427dd763894a999252954b4d9a04e

SHA256
16feaf699a6b74b86dd3207b2a04ceecba58b425f03a3a335605beb36bf517da

SHA512
96fd8892d2c7c1cfb1bc057398ba31755924c92cceac5e7d618ecae15d5e2a147e3592c9a34a6f1f286c3d909d9e99498dfecdb1e8fd9328e828fc56f6b5a614

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

Filesize
1KB

MD5
dc90b632ea2df8a5233e779c32d77a1d

SHA1
007786def1666dae999fdbbb7cd2d74cd0e03660

SHA256
9a4a05129b91d1fedccfde3437be5548bb5c785b74bba4d29dc3c2dffee43fc7

SHA512
f845cad1b7c560fcad7b3cfa56e0e50494a8af0cc001f91f2e2f6e7f8e363c172e15840f0ed489dd993db6f67b41446d85eb0bd6d07859cc02a6b72fdfd81912

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

Filesize
978B

MD5
1ccb14f3da998cbccd29755cfbc849da

SHA1
7bc7eed4f61f4c5fc227cd51fbb2b6ac253462d7

SHA256
a5174764e61e48061e35bd002059ad6b62dae1f12f4d27a785c65c62aa33fb8a

SHA512
20626cf129ad188146d63e7b3b41bc483ae08cbccce2025d26cf319425d3b3518519645e6db621c189abd21363e567e4b7ec9880f66c104e7c1d281db632af57

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\A66A8DB907BADC9D16AD67B2FBFFDD5C

Filesize
480B

MD5
56c5346ae70bae2f6e3d6cdf0a378898

SHA1
ea6164a977ed30455ce0b39c4ed2e6211e8f9547

SHA256
9210c0d3799a47077dd753a64b6c0d38bb10f29c6726216e13d14bd88c1da6a6

SHA512
027de049df3591d137432e717cea6b4d3915f22f3cecf6c2018e38cc6c7de7f5c4bf155a63a6dfb9f7dd4f4bc8e38805eb774b7ddb224daa76add563ddf54050

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

Filesize
482B

MD5
abe3e145b316650abd5bd64005bc8bd8

SHA1
3f0db2e1bb51f747ec00475509270bdc6648db6c

SHA256
92cca2501697ce158e750ad388484ac14c44883ca337c1fe40094a9aaf1c081a

SHA512
b7b9ce236372d1624096f25eff88d75d5cbddd657a7271b2ba0ca57a3e8ee4098d32dd43710a9bbec87339e2dd3037ff2f801fcea2262218a54aacf3f6901afc

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

Filesize
480B

MD5
d47ad47de486a39c3a784c4e881e7004

SHA1
411d747e19146fd32cf1ff6e942353e62356d201

SHA256
3e13a83171aaac64390044f1d63a6035108c939f34307b0e4d85a818544b0d90

SHA512
181aa733d13ea9ab5bf1ed5c9acd484f1247b07a4b98f60405d3931daf38413fc0b3e460b8fa61c6908c8fd5d5ba62a8d5773185f01e9b594385202968fe4bc7

Download Submit
C:\Users\Admin\Downloads\main.exe

Filesize
78KB

MD5
2dfd2fba1022292bcd1867b126624260

SHA1
ef374c3639e3f28a8594e1385a0f45a8e51f2673

SHA256
954bf7c432eac4d4291b76b598fe25f28275800eb9d06fe7f3f0b53b41f72c74

SHA512
1cd7427295950491b627945c4f848906e3ee710e593033ed24638b7e29ace004b7ae8d3cfc7726b3e1dea53595336ba165b1fd5282f8637b047a50217238c9fc

Download Submit
memory/872-354-0x00000183EE300000-0x00000183EE400000-memory.dmp

Filesize
1024KB

Download
memory/2020-363-0x000001579C160000-0x000001579C162000-memory.dmp

Filesize
8KB

Download
memory/2020-358-0x000001579C1C0000-0x000001579C2C0000-memory.dmp

Filesize
1024KB

Download
memory/2020-369-0x00000157AC920000-0x00000157AC922000-memory.dmp

Filesize
8KB

Download
memory/2020-367-0x00000157AC900000-0x00000157AC902000-memory.dmp

Filesize
8KB

Download
memory/2020-365-0x00000157AC8E0000-0x00000157AC8E2000-memory.dmp

Filesize
8KB

Download
memory/2020-373-0x00000157ACA00000-0x00000157ACA02000-memory.dmp

Filesize
8KB

Download
memory/2020-359-0x000001579C1C0000-0x000001579C2C0000-memory.dmp

Filesize
1024KB

Download
memory/2020-371-0x00000157AC9E0000-0x00000157AC9E2000-memory.dmp

Filesize
8KB

Download
memory/2908-0-0x000002424D320000-0x000002424D330000-memory.dmp

Filesize
64KB

Download
memory/2908-35-0x000002424A7B0000-0x000002424A7B2000-memory.dmp

Filesize
8KB

Download
memory/2908-402-0x000002424A7E0000-0x000002424A7E1000-memory.dmp

Filesize
4KB

Download
memory/2908-399-0x000002424C5B0000-0x000002424C5B2000-memory.dmp

Filesize
8KB

Download
memory/2908-16-0x000002424D420000-0x000002424D430000-memory.dmp

Filesize
64KB

Download
memory/2908-406-0x000002424A7A0000-0x000002424A7A1000-memory.dmp

Filesize
4KB

Download
memory/3384-721-0x0000012BDEC60000-0x0000012BDF186000-memory.dmp

Filesize
5.1MB

Download
memory/3384-720-0x0000012BDE360000-0x0000012BDE522000-memory.dmp

Filesize
1.8MB

Download
memory/3384-719-0x0000012BC3D20000-0x0000012BC3D38000-memory.dmp

Filesize
96KB

Download
memory/4316-261-0x0000020CA42D0000-0x0000020CA42F0000-memory.dmp

Filesize
128KB

Download
memory/4316-266-0x0000020CA4910000-0x0000020CA4930000-memory.dmp

Filesize
128KB

Download
memory/4468-42-0x000001F104100000-0x000001F104200000-memory.dmp

Filesize
1024KB

Download
memory/4468-44-0x000001F104100000-0x000001F104200000-memory.dmp

Filesize
1024KB

Download
memory/4468-43-0x000001F104100000-0x000001F104200000-memory.dmp

Filesize
1024KB

Download
memory/4504-66-0x000001AA5B300000-0x000001AA5B400000-memory.dmp

Filesize
1024KB

Download