Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

fe832678b8...8.html

windows7-x64

3

fe832678b8...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    100s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/09/2024, 12:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fe832678b85973902fbc852f253e3c49_JaffaCakes118.html

  • Size

    86KB

  • MD5

    fe832678b85973902fbc852f253e3c49

  • SHA1

    b6e971462e306cb1b89fe47b3e103c3750f77735

  • SHA256

    6a44d46aa6a149df19a27687f3d50a737722ba38a1826a6a66b7e67969d07cd9

  • SHA512

    e8c5222aa9df8a62a2b090857645da15c9fe79038030c579bd9823b0847bc1a89f3e1e1a8f268ab2cb6d13a86a41d9c2be2612ba69bc3a7096ce87103fdfb135

  • SSDEEP

    1536:cIbjItFnc3kjLskh1cMKVddK5MctRtgzvMVhc6Ont1FllcbgJvx5DHcLhFz9Zs0U:Lb+jQ7jd+Ct/Z2Euy537xr/MRfCVZH

Score
3/10
discovery

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 33 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\fe832678b85973902fbc852f253e3c49_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2368
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffdcac46f8,0x7fffdcac4708,0x7fffdcac4718
      2⤵
        PID:4588
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
        2⤵
          PID:1056
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:3384
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8
          2⤵
            PID:4948
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
            2⤵
              PID:100
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
              2⤵
                PID:208
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1
                2⤵
                  PID:2060
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
                  2⤵
                    PID:2012
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5848 /prefetch:1
                    2⤵
                      PID:1980
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1
                      2⤵
                        PID:4316
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1
                        2⤵
                          PID:2940
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
                          2⤵
                            PID:4896
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1
                            2⤵
                              PID:2536
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6224 /prefetch:1
                              2⤵
                                PID:2660
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
                                2⤵
                                  PID:1872
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6356 /prefetch:1
                                  2⤵
                                    PID:4244
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1
                                    2⤵
                                      PID:4424
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6792 /prefetch:1
                                      2⤵
                                        PID:4304
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8016 /prefetch:1
                                        2⤵
                                          PID:5312
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:1
                                          2⤵
                                            PID:5400
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8152 /prefetch:1
                                            2⤵
                                              PID:5516
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7124 /prefetch:8
                                              2⤵
                                                PID:5820
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7124 /prefetch:8
                                                2⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                PID:5836
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
                                                2⤵
                                                  PID:5912
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
                                                  2⤵
                                                    PID:5920
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8248 /prefetch:1
                                                    2⤵
                                                      PID:6140
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:1
                                                      2⤵
                                                        PID:5304
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7512 /prefetch:1
                                                        2⤵
                                                          PID:5716
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
                                                          2⤵
                                                            PID:5696
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1
                                                            2⤵
                                                              PID:1300
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1
                                                              2⤵
                                                                PID:2916
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1724 /prefetch:1
                                                                2⤵
                                                                  PID:2024
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8280 /prefetch:1
                                                                  2⤵
                                                                    PID:1120
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8204 /prefetch:1
                                                                    2⤵
                                                                      PID:2076
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8132 /prefetch:1
                                                                      2⤵
                                                                        PID:3892
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
                                                                        2⤵
                                                                          PID:6092
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
                                                                          2⤵
                                                                            PID:4976
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8540 /prefetch:1
                                                                            2⤵
                                                                              PID:1756
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1979685942239605203,3380862283981023103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8548 /prefetch:1
                                                                              2⤵
                                                                                PID:2056
                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                              1⤵
                                                                                PID:3456
                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                1⤵
                                                                                  PID:4420

                                                                                Network

                                                                                MITRE ATT&CK Enterprise v15

                                                                                Replay Monitor

                                                                                Loading Replay Monitor...

                                                                                Downloads

                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                  Filesize

                                                                                  152B

                                                                                  MD5

                                                                                  eeaa8087eba2f63f31e599f6a7b46ef4

                                                                                  SHA1

                                                                                  f639519deee0766a39cfe258d2ac48e3a9d5ac03

                                                                                  SHA256

                                                                                  50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9

                                                                                  SHA512

                                                                                  eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

                                                                                  Download Submit

                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                  Filesize

                                                                                  152B

                                                                                  MD5

                                                                                  b9569e123772ae290f9bac07e0d31748

                                                                                  SHA1

                                                                                  5806ed9b301d4178a959b26d7b7ccf2c0abc6741

                                                                                  SHA256

                                                                                  20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b

                                                                                  SHA512

                                                                                  cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

                                                                                  Download Submit

                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\470bc8fe-20d0-4923-a248-45f609473fc2.tmp
                                                                                  Filesize

                                                                                  6KB

                                                                                  MD5

                                                                                  cf1a629ac5dcb146d6faa288cdb459f6

                                                                                  SHA1

                                                                                  a840e641fd9a446d231ea954617c5d96d591a449

                                                                                  SHA256

                                                                                  19f89301a3951183c615e8dc25bb11a05251f9d1ae96c3af3b29f18b627d310e

                                                                                  SHA512

                                                                                  907cbeefe4a6c0e040931b25a85153eabbe55c6efecfb5062cb940cf47c3ae2d03a2ec6103c6c8c75443efbf5da66eaf11d300f17898ee3213057dadff3c0c40

                                                                                  Download Submit

                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                  Filesize

                                                                                  696B

                                                                                  MD5

                                                                                  44a401a7479dc023c151513da351adbf

                                                                                  SHA1

                                                                                  b3b903f843d69519e18a93d2d9eab37d245ccbff

                                                                                  SHA256

                                                                                  5ab25b211beffe88bc0ec60cd814b6d6bc71440247effb13339fd56369ef8b1d

                                                                                  SHA512

                                                                                  d5b153b5946c31feae0871f895b8c85ba352092ccc7273a204fd7d7a5ce64b2facecb3acb6b5b1ed4204838b25cc86df064822ed4982f1fcce4ee867fe61c03a

                                                                                  Download Submit

                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                  Filesize

                                                                                  2KB

                                                                                  MD5

                                                                                  b4776af5f6594c5d57f0e3e9649f64e1

                                                                                  SHA1

                                                                                  3a1825bb4c356c90c2e1bb643381d87bddfa2b6a

                                                                                  SHA256

                                                                                  c0eb20b65c506d135c1e59d518a9d636005f59fd197d7f7017943d67d7c9faeb

                                                                                  SHA512

                                                                                  9f50001389f33a77622148e0d40e20b35820163f9d71554ccf16373d2460543f771ebe87e9440a235eeb22a4717b3300ccb3ff06790cd928cfa6d6549b9bd428

                                                                                  Download Submit

                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                  Filesize

                                                                                  2KB

                                                                                  MD5

                                                                                  0641cf3fcc4bc4f9426f30e9626b7160

                                                                                  SHA1

                                                                                  511ff29c269224cc9824bff6093bb064ded2731d

                                                                                  SHA256

                                                                                  f5947044efe995f58859dac0428d40d140d157c0950e7652cda9a8a347ee3310

                                                                                  SHA512

                                                                                  3349a28f0b7aac5c5b636decd32ce24e9ee522f0a1bd6385ccde91aaecf24f2c0949aa21974841dd8afcb16b3fcd7ac262e2d1570a209f50e5c3a27b2cccdfde

                                                                                  Download Submit

                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                  Filesize

                                                                                  6KB

                                                                                  MD5

                                                                                  97bbad3dcb025bf36eb3cb387604a89d

                                                                                  SHA1

                                                                                  55d4ec836fd51c3be348a9a233a33f4a9ca0c309

                                                                                  SHA256

                                                                                  9d1b1227528dca3dcc7f6c8f00bc32de868a55c8ca49583f4ef2c00d11ef2c43

                                                                                  SHA512

                                                                                  e7ca02123daf52f9f5be4e1f9f9f9b7c514f2031e5e9a8658ab027c856c1303717caeb9ec43f8395d43e7e49bdc87798e8a9648e66da7d6d85a6c23c3921ad18

                                                                                  Download Submit

                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                  Filesize

                                                                                  6KB

                                                                                  MD5

                                                                                  78563d25dd8afe3f7c36b4b80d321bdd

                                                                                  SHA1

                                                                                  e184bc59003316e58ab004878f72a406a8a9a21d

                                                                                  SHA256

                                                                                  f0134815083089368a96301551ef0b9b35ca01a5663b2af323ae18375ffe81ff

                                                                                  SHA512

                                                                                  d9159ff9c2036f85c4836459fa0c29209945153f292e1c1725ebee3d22c88f172fcddd88f04621010237749d5d35ff574b9e711161e2dcbb0db6cdd2bc260813

                                                                                  Download Submit

                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                  Filesize

                                                                                  1KB

                                                                                  MD5

                                                                                  b48715f6b8727cdc485a136969295fbe

                                                                                  SHA1

                                                                                  c885fb2b7bd744eafad526948759eae92b22bc44

                                                                                  SHA256

                                                                                  c43a6bf27eb2ee38ac7a7aec969d5eb0bdd642b6c50a29fe585684f7a973da51

                                                                                  SHA512

                                                                                  119d9c1cd4f887da10fae852614e6a5045cd49cb9d64d75c354a4561d6a2501130c33cc3a940f4618a60a368fff38bbf1226f5c9ea307d63c4198dbe4558c49e

                                                                                  Download Submit

                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58486e.TMP
                                                                                  Filesize

                                                                                  371B

                                                                                  MD5

                                                                                  625abe52be8ff0eda79b622dd42e4ff8

                                                                                  SHA1

                                                                                  b9f3c20a1cea9c2d1c4a2f1719e40c76e5d57e7b

                                                                                  SHA256

                                                                                  724732051cf13b2233ce7e0fa7feec5d4e66174e202c5a84cf1e9e187a2b8d53

                                                                                  SHA512

                                                                                  81413e5884abb0f9588f8ab633d764cfb48a76d514b64a69d42a3d62d3171ac36f6746ced93dfb684bf857a23d811304510988543183d5e85ba54a8d3c7acd90

                                                                                  Download Submit

                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\b934e578-3d7b-4323-8a32-db5ac120b465.tmp
                                                                                  Filesize

                                                                                  6KB

                                                                                  MD5

                                                                                  163d34dec5f4c39236faab1835765674

                                                                                  SHA1

                                                                                  3cc6dd4113a28e6bb7163defa6f086358f066220

                                                                                  SHA256

                                                                                  298a05852a06175b71236198e65327945d005a074c30734fa0c33688072c6f29

                                                                                  SHA512

                                                                                  7d28a244b86ead8a2bb71463a578c8b6a7b0c70daa3823130a12cbf389114e3c6f3a38fce0ad5a56e847b2e4030f39db0e85e4d0081634825565155fb7dfe58a

                                                                                  Download Submit

                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                  Filesize

                                                                                  16B

                                                                                  MD5

                                                                                  6752a1d65b201c13b62ea44016eb221f

                                                                                  SHA1

                                                                                  58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                  SHA256

                                                                                  0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                  SHA512

                                                                                  9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                  Download Submit

                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                  Filesize

                                                                                  11KB

                                                                                  MD5

                                                                                  fb800c04df27514d1290195f4023f475

                                                                                  SHA1

                                                                                  2cf967aef8aff983da40854dc2ad89b1a6b73565

                                                                                  SHA256

                                                                                  30752a161589b641589ecefd3aba51599e9c8c27d8cd8db4b00b749beaeccaed

                                                                                  SHA512

                                                                                  921aecd5f77ffe532cbf7a2d37d79a3bfb0e8c78b7390f745184face9cfe32e4854a6326726599d470b944875363ca0a1dd1ac83dfb45411b41cb129355a761d

                                                                                  Download Submit

                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                  Filesize

                                                                                  10KB

                                                                                  MD5

                                                                                  478fbba9bf21002f63f160f93cb64368

                                                                                  SHA1

                                                                                  74795d354e33e3f0a91e2fd3ab354261bafa958c

                                                                                  SHA256

                                                                                  e245b76230f5baebc8585b470ac7c07b04d6941d4096945b810d48c138e81ee6

                                                                                  SHA512

                                                                                  501877419d89d87127ae66105610f80451980ea1704342504b87cf6121487f414f4a7f90a6aadb8e8db229a9ac5a1b8e9296303685061b62e41cd8bf0a0910ca

                                                                                  Download Submit