Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://wearedevs.ne...

windows11-21h2-x64

10

Analysis

  • max time kernel
    210s
  • max time network
    202s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    09/10/2024, 12:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://wearedevs.net/d/JJSploit

Score
10/10
discovery

Malware Config

Signatures

  • Suspicious use of NtCreateUserProcessOtherParentProcess 1 IoCs
  • Executes dropped EXE 4 IoCs
  • Loads dropped DLL 5 IoCs
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Network Share Discovery 1 TTPs

    Attempt to gather information on host network.

    discovery
  • Drops file in Windows directory 4 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Embeds OpenSSL 1 IoCs

    Embeds OpenSSL, may be used to circumvent TLS interception.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Checks processor information in registry 2 TTPs 4 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 18 IoCs
  • Modifies registry class 4 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 55 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 19 IoCs
  • Suspicious use of AdjustPrivilegeToken 5 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 13 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:3236
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://wearedevs.net/d/JJSploit
        2⤵
        • Enumerates system info in registry
        • Modifies registry class
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of WriteProcessMemory
        PID:3796
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fff67a93cb8,0x7fff67a93cc8,0x7fff67a93cd8
          3⤵
            PID:676
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1952 /prefetch:2
            3⤵
              PID:2168
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:3
              3⤵
              • Suspicious behavior: EnumeratesProcesses
              PID:3816
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2816 /prefetch:8
              3⤵
                PID:4876
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
                3⤵
                  PID:1196
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
                  3⤵
                    PID:700
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
                    3⤵
                      PID:1552
                    • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5592 /prefetch:8
                      3⤵
                      • Suspicious behavior: EnumeratesProcesses
                      PID:3936
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1
                      3⤵
                        PID:4540
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5176 /prefetch:8
                        3⤵
                        • Suspicious behavior: EnumeratesProcesses
                        PID:2588
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
                        3⤵
                          PID:3532
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5756 /prefetch:8
                          3⤵
                          • NTFS ADS
                          • Suspicious behavior: EnumeratesProcesses
                          PID:3504
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4644 /prefetch:1
                          3⤵
                            PID:32
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1672 /prefetch:1
                            3⤵
                              PID:788
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1332 /prefetch:1
                              3⤵
                                PID:2468
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1
                                3⤵
                                  PID:4548
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,3816144420380414429,3766378584154777373,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
                                  3⤵
                                    PID:2156
                                • C:\Users\Admin\AppData\Local\Temp\Temp1_JJSploit_8.10.7_x64-setup.nsis.zip\JJSploit_8.10.7_x64-setup.exe
                                  "C:\Users\Admin\AppData\Local\Temp\Temp1_JJSploit_8.10.7_x64-setup.nsis.zip\JJSploit_8.10.7_x64-setup.exe"
                                  2⤵
                                  • Suspicious use of NtCreateUserProcessOtherParentProcess
                                  • Loads dropped DLL
                                  • System Location Discovery: System Language Discovery
                                  • Modifies registry class
                                  • Suspicious behavior: EnumeratesProcesses
                                  • Suspicious behavior: GetForegroundWindowSpam
                                  PID:868
                                • C:\Users\Admin\Desktop\JJSploit.exe
                                  C:\Users\Admin\Desktop\JJSploit.exe
                                  2⤵
                                  • Executes dropped EXE
                                  • Suspicious use of FindShellTrayWindow
                                  PID:3096
                                  • C:\Windows\system32\cmd.exe
                                    "cmd" /C start https://www.youtube.com/@Omnidev_
                                    3⤵
                                      PID:1188
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/@Omnidev_
                                        4⤵
                                          PID:1556
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7fff67a93cb8,0x7fff67a93cc8,0x7fff67a93cd8
                                            5⤵
                                              PID:3468
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1800,1449202640262935999,3865866985151944038,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1948 /prefetch:2
                                              5⤵
                                                PID:612
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1800,1449202640262935999,3865866985151944038,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
                                                5⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                PID:788
                                          • C:\Windows\system32\cmd.exe
                                            "cmd" /C start https://www.youtube.com/@WeAreDevsExploits
                                            3⤵
                                              PID:964
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/@WeAreDevsExploits
                                                4⤵
                                                • Enumerates system info in registry
                                                • Suspicious behavior: EnumeratesProcesses
                                                • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                • Suspicious use of FindShellTrayWindow
                                                • Suspicious use of SendNotifyMessage
                                                PID:1896
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff67a93cb8,0x7fff67a93cc8,0x7fff67a93cd8
                                                  5⤵
                                                    PID:2808
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1812,16258639075924246791,3459744666483391059,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1824 /prefetch:2
                                                    5⤵
                                                      PID:4412
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1812,16258639075924246791,3459744666483391059,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2392 /prefetch:3
                                                      5⤵
                                                      • Suspicious behavior: EnumeratesProcesses
                                                      PID:3248
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1812,16258639075924246791,3459744666483391059,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2640 /prefetch:8
                                                      5⤵
                                                        PID:2776
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1812,16258639075924246791,3459744666483391059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
                                                        5⤵
                                                          PID:1572
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1812,16258639075924246791,3459744666483391059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
                                                          5⤵
                                                            PID:1828
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1812,16258639075924246791,3459744666483391059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2460 /prefetch:1
                                                            5⤵
                                                              PID:2472
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1812,16258639075924246791,3459744666483391059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
                                                              5⤵
                                                                PID:3868
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1812,16258639075924246791,3459744666483391059,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5136 /prefetch:1
                                                                5⤵
                                                                  PID:2260
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1812,16258639075924246791,3459744666483391059,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3412 /prefetch:8
                                                                  5⤵
                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                  PID:4636
                                                            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --lang=en-US --mojo-named-platform-channel-pipe=3096.3656.9082228554381902499
                                                              3⤵
                                                              • Enumerates system info in registry
                                                              • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                              • Suspicious use of FindShellTrayWindow
                                                              PID:228
                                                              • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xc0,0x1d0,0x7fff67a93cb8,0x7fff67a93cc8,0x7fff67a93cd8
                                                                4⤵
                                                                  PID:2060
                                                                • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1804,7512490583228865368,1302418947898957674,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1812 /prefetch:2
                                                                  4⤵
                                                                    PID:4300
                                                                  • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1804,7512490583228865368,1302418947898957674,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=1876 /prefetch:3
                                                                    4⤵
                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                    PID:880
                                                                  • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1804,7512490583228865368,1302418947898957674,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2332 /prefetch:8
                                                                    4⤵
                                                                      PID:1352
                                                                    • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1804,7512490583228865368,1302418947898957674,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2888 /prefetch:1
                                                                      4⤵
                                                                        PID:3268
                                                                  • C:\Users\Admin\Desktop\JJSploit.exe
                                                                    "C:\Users\Admin\Desktop\JJSploit.exe"
                                                                    2⤵
                                                                    • Executes dropped EXE
                                                                    PID:1524
                                                                    • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --lang=en-US --mojo-named-platform-channel-pipe=1524.4768.13030822371379604034
                                                                      3⤵
                                                                      • Enumerates system info in registry
                                                                      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                      PID:3008
                                                                      • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x124,0x128,0x12c,0x10c,0x134,0x7fff67a93cb8,0x7fff67a93cc8,0x7fff67a93cd8
                                                                        4⤵
                                                                          PID:1976
                                                                        • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                          "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1724,13203081567282856816,7650345984638369785,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1740 /prefetch:2
                                                                          4⤵
                                                                            PID:3860
                                                                          • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                            "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1724,13203081567282856816,7650345984638369785,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2132 /prefetch:3
                                                                            4⤵
                                                                            • Suspicious behavior: EnumeratesProcesses
                                                                            PID:488
                                                                          • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                            "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1724,13203081567282856816,7650345984638369785,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2572 /prefetch:8
                                                                            4⤵
                                                                              PID:2840
                                                                            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1724,13203081567282856816,7650345984638369785,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2976 /prefetch:1
                                                                              4⤵
                                                                                PID:820
                                                                          • C:\Users\Admin\Desktop\JJSploit.exe
                                                                            "C:\Users\Admin\Desktop\JJSploit.exe"
                                                                            2⤵
                                                                            • Executes dropped EXE
                                                                            PID:3780
                                                                            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --lang=en-US --mojo-named-platform-channel-pipe=3780.4808.1646232743330852256
                                                                              3⤵
                                                                              • Enumerates system info in registry
                                                                              • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                              PID:3212
                                                                              • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                                "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x108,0x10c,0x110,0xe4,0x1b0,0x7fff67a93cb8,0x7fff67a93cc8,0x7fff67a93cd8
                                                                                4⤵
                                                                                  PID:2904
                                                                                • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                                  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1804,3263571765665396683,4753802004020712635,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1816 /prefetch:2
                                                                                  4⤵
                                                                                    PID:3412
                                                                                  • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                                    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1804,3263571765665396683,4753802004020712635,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2228 /prefetch:3
                                                                                    4⤵
                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                    PID:876
                                                                                  • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                                    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1804,3263571765665396683,4753802004020712635,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2736 /prefetch:8
                                                                                    4⤵
                                                                                      PID:3812
                                                                                    • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                                      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1804,3263571765665396683,4753802004020712635,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2960 /prefetch:1
                                                                                      4⤵
                                                                                        PID:1484
                                                                                  • C:\Windows\system32\taskmgr.exe
                                                                                    "C:\Windows\system32\taskmgr.exe" /0
                                                                                    2⤵
                                                                                    • Checks SCSI registry key(s)
                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                    • Suspicious use of AdjustPrivilegeToken
                                                                                    • Suspicious use of SendNotifyMessage
                                                                                    PID:2584
                                                                                  • C:\Users\Admin\Desktop\JJSploit.exe
                                                                                    "C:\Users\Admin\Desktop\JJSploit.exe"
                                                                                    2⤵
                                                                                    • Executes dropped EXE
                                                                                    PID:2648
                                                                                    • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                                      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --lang=en-US --mojo-named-platform-channel-pipe=2648.4252.4043545389052117261
                                                                                      3⤵
                                                                                      • Enumerates system info in registry
                                                                                      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                      PID:2016
                                                                                      • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                                        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x108,0x10c,0x110,0xe4,0x118,0x7fff67a93cb8,0x7fff67a93cc8,0x7fff67a93cd8
                                                                                        4⤵
                                                                                          PID:4452
                                                                                        • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                                          "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1852,11234953861860611405,17406655125646874843,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1876 /prefetch:2
                                                                                          4⤵
                                                                                            PID:2572
                                                                                          • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                                            "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1852,11234953861860611405,17406655125646874843,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=1924 /prefetch:3
                                                                                            4⤵
                                                                                            • Suspicious behavior: EnumeratesProcesses
                                                                                            PID:4868
                                                                                          • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                                            "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1852,11234953861860611405,17406655125646874843,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2464 /prefetch:8
                                                                                            4⤵
                                                                                              PID:3848
                                                                                            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
                                                                                              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1852,11234953861860611405,17406655125646874843,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2924 /prefetch:1
                                                                                              4⤵
                                                                                                PID:2052
                                                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                          1⤵
                                                                                            PID:1176
                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                            1⤵
                                                                                              PID:1948
                                                                                            • C:\Windows\System32\rundll32.exe
                                                                                              C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                                              1⤵
                                                                                                PID:1988
                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                1⤵
                                                                                                  PID:5064
                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                  1⤵
                                                                                                    PID:568
                                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                    1⤵
                                                                                                      PID:956
                                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                      1⤵
                                                                                                        PID:800
                                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                        1⤵
                                                                                                          PID:2912
                                                                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                          1⤵
                                                                                                            PID:4724
                                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                            1⤵
                                                                                                              PID:4604
                                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                              1⤵
                                                                                                                PID:4884
                                                                                                              • C:\Windows\system32\svchost.exe
                                                                                                                C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
                                                                                                                1⤵
                                                                                                                  PID:1028
                                                                                                                • C:\Windows\System32\oobe\UserOOBEBroker.exe
                                                                                                                  C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
                                                                                                                  1⤵
                                                                                                                  • Drops file in Windows directory
                                                                                                                  PID:2840
                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
                                                                                                                  C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
                                                                                                                  1⤵
                                                                                                                  • System Location Discovery: System Language Discovery
                                                                                                                  PID:3532
                                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                  1⤵
                                                                                                                    PID:2508
                                                                                                                  • C:\Windows\system32\OpenWith.exe
                                                                                                                    C:\Windows\system32\OpenWith.exe -Embedding
                                                                                                                    1⤵
                                                                                                                    • Modifies registry class
                                                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                                                    PID:1420
                                                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\Admin\Desktop\libcrypto-3-x64.dll"
                                                                                                                      2⤵
                                                                                                                        PID:648
                                                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url C:\Users\Admin\Desktop\libcrypto-3-x64.dll
                                                                                                                          3⤵
                                                                                                                          • Checks processor information in registry
                                                                                                                          PID:3764
                                                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2008 -parentBuildID 20240401114208 -prefsHandle 1936 -prefMapHandle 1928 -prefsLen 23678 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {43cb7f21-7867-4490-b187-29943ef40f1b} 3764 "\\.\pipe\gecko-crash-server-pipe.3764" gpu
                                                                                                                            4⤵
                                                                                                                              PID:1244
                                                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2412 -parentBuildID 20240401114208 -prefsHandle 2408 -prefMapHandle 2404 -prefsLen 24598 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5150b151-83d7-44d5-9af9-4c5c6b135087} 3764 "\\.\pipe\gecko-crash-server-pipe.3764" socket
                                                                                                                              4⤵
                                                                                                                                PID:1732
                                                                                                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2856 -childID 1 -isForBrowser -prefsHandle 3208 -prefMapHandle 3204 -prefsLen 24739 -prefMapSize 244658 -jsInitHandle 1044 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d98b3b74-2170-4b8a-abfc-d04d95609ee7} 3764 "\\.\pipe\gecko-crash-server-pipe.3764" tab
                                                                                                                                4⤵
                                                                                                                                  PID:3816
                                                                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1656 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4756 -prefMapHandle 4784 -prefsLen 29088 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e1bb6ec8-b32c-4a0c-9755-5bde76c136e7} 3764 "\\.\pipe\gecko-crash-server-pipe.3764" utility
                                                                                                                                  4⤵
                                                                                                                                    PID:5328

                                                                                                                            Network

                                                                                                                            MITRE ATT&CK Enterprise v15

                                                                                                                            Replay Monitor

                                                                                                                            Loading Replay Monitor...

                                                                                                                            Downloads

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                              Filesize

                                                                                                                              152B

                                                                                                                              MD5

                                                                                                                              d7145ec3fa29a4f2df900d1418974538

                                                                                                                              SHA1

                                                                                                                              1368d579635ba1a53d7af0ed89bf0b001f149f9d

                                                                                                                              SHA256

                                                                                                                              efc56eb46cf3352bf706c0309d5d740bca6ac06142f9bdc5e8344b81d4d83d59

                                                                                                                              SHA512

                                                                                                                              5bb663ede88f8b7c96b09c1214aac68eda99bc09525ac383baa96914ff7d553ea1aed09e3c9d16893d791c81ddb164c682dfbb4759ac0bc751221f3e36558a91

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                              Filesize

                                                                                                                              152B

                                                                                                                              MD5

                                                                                                                              d91478312beae099b8ed57e547611ba2

                                                                                                                              SHA1

                                                                                                                              4b927559aedbde267a6193e3e480fb18e75c43d7

                                                                                                                              SHA256

                                                                                                                              df43cd7779d9fc91fd0416155d6771bc81565e98be38689cb17caece256bf043

                                                                                                                              SHA512

                                                                                                                              4086c4ebe410a37d0124fc8bd00c58775e70ab2b7b5a39b4e49b332ce5b4866c6775707436395467aff9596507c96fb4896f3bf0249c5b9c99a927f31dcc1a96

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                              Filesize

                                                                                                                              152B

                                                                                                                              MD5

                                                                                                                              8f93822555c268ddd1308eeedb08f92c

                                                                                                                              SHA1

                                                                                                                              e494468d090585bde70b3f11d9462b17ef9be71b

                                                                                                                              SHA256

                                                                                                                              3c6daf144d7530c33f266fc66e521151c5374bbe60e7b9d0e2ae36732a4fc309

                                                                                                                              SHA512

                                                                                                                              165fe4d66974ec725225ee2c9876b453ead2812a8526c988e0a3b6d75cf3479c43693056de1167c7f49db1920f68ba9cead5ee3d576277abe20734fa5fe8d2b0

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                              Filesize

                                                                                                                              152B

                                                                                                                              MD5

                                                                                                                              981c51f05e2cf093a03181d2efa24be4

                                                                                                                              SHA1

                                                                                                                              819ad8c918fe6dda44e4e4b449de36c3e21d96ff

                                                                                                                              SHA256

                                                                                                                              72516e68788654514d35b1479164606d8c0aa3385ad6f1885e7615c089591f3e

                                                                                                                              SHA512

                                                                                                                              fc5f74abc468cf3cbad57699d6020918b4b9abf2298eb0213cb54ac30b87e26369ad0f0fdd785d4ef7d1b604babb5231775c0e5dbeea5db17707ad7895e4e882

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\651559ad-55c3-4978-9f4d-0a1f4608c114.tmp
                                                                                                                              Filesize

                                                                                                                              1KB

                                                                                                                              MD5

                                                                                                                              e451f4d7d6750efeb2371990b9f56dfb

                                                                                                                              SHA1

                                                                                                                              a0bceba633d376b2b9cfa1d45e440ff23c6b5815

                                                                                                                              SHA256

                                                                                                                              01b63a543de29002085fea9c67e5d2c8e4e5a70ccbe5e4b015987fb6831c9933

                                                                                                                              SHA512

                                                                                                                              57897553f8ba9ac292265202bd90442fca23329187e4dc0a89d4f1afbd0750d49a34289086b1a9944298eb2012f27a442031c296b1bf5e6115059909e8d8c096

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                              Filesize

                                                                                                                              336B

                                                                                                                              MD5

                                                                                                                              5e55303833de5fdc6fab0816d108a9e5

                                                                                                                              SHA1

                                                                                                                              b58ead79dbe9ab498eb31749f0df843d3ba27f9d

                                                                                                                              SHA256

                                                                                                                              f4fea30ec2d2db2341b2e8c0fe5f0109172159ed1332633b4f3f40082f2c4217

                                                                                                                              SHA512

                                                                                                                              ea327988f96c95b754f8385224e1aa437b50249c5f711b4950c7002030185d327a33bac9b1de78c5cdfa78ecbd3bf05528723757c188b55ccb4973147390afb4

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                              Filesize

                                                                                                                              312B

                                                                                                                              MD5

                                                                                                                              ce450a9843dd1e40958041f0463a4c52

                                                                                                                              SHA1

                                                                                                                              1753a251ece85eb275c90dcac8efbfda01f2895f

                                                                                                                              SHA256

                                                                                                                              60303b73dcf3ef91bb83c56de8f814473c32e1f9008a5b812943a6de07912613

                                                                                                                              SHA512

                                                                                                                              8529b3fe4a204b272892a96bc0e4d38a81396ca79b247318b7fcfaba033ee59431593bc16a642fc57e7955474a780c843d197250dedcd88b8877560ceff5354f

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                              Filesize

                                                                                                                              552B

                                                                                                                              MD5

                                                                                                                              49a14fe017b155639872bb3487c19492

                                                                                                                              SHA1

                                                                                                                              5213a5385dfb53da81d23f84b4d3ab47a23785ca

                                                                                                                              SHA256

                                                                                                                              53d9e7a187fc83015e07285b53caa57a2e7fd27ed9cad7a62764f31ee834bff8

                                                                                                                              SHA512

                                                                                                                              e8f9aa07f63d18b0e223bcaadb7e312c2b506bd0e6e33c3b621effcf150a4739be142e9397611b9a55625ba12a064fd6fb0607bc74befa6c287b9beaea5799ca

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
                                                                                                                              Filesize

                                                                                                                              20KB

                                                                                                                              MD5

                                                                                                                              242651fc6008fabf407ef8c180203531

                                                                                                                              SHA1

                                                                                                                              daa596a96b7cb341ffb556b5bdc74642ae64e942

                                                                                                                              SHA256

                                                                                                                              70c17c40b199f42194ed4fead288a0c11fc9a4a9a697d13e825a20620818c73c

                                                                                                                              SHA512

                                                                                                                              52837675d79f389e8d98b20df0155cc668675eab3556179911090d7e77e918c39f2be39f1974140402ac061c2bbf2e7ce0047127eff991a6c0c72e99deafdfd0

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
                                                                                                                              Filesize

                                                                                                                              24KB

                                                                                                                              MD5

                                                                                                                              ac94fe2d16218690a7abcb174598daac

                                                                                                                              SHA1

                                                                                                                              eb847aa2f2ee17db586e839a9947ab29588bfba3

                                                                                                                              SHA256

                                                                                                                              07f8f781b18e2fbd6f6268fd209576ff240c297076b8e00edb69bb99501710ba

                                                                                                                              SHA512

                                                                                                                              2105d1e28d0b80f7e39cdf552262105cd38164de787fb681be5eeb610068e8a635f712f83fcb1ffe7a784cebc3d6b705114b7d01ffd61bc17cbb9f901908fcc7

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
                                                                                                                              Filesize

                                                                                                                              264KB

                                                                                                                              MD5

                                                                                                                              e13bda9e96811b2ab492efba3517ee85

                                                                                                                              SHA1

                                                                                                                              9e20e86dcab41a780267222700c1bc108ec4f0c4

                                                                                                                              SHA256

                                                                                                                              f868670a9a005296d8940f52c4521ef4b1662f1596cc616affb2d454572a3d6d

                                                                                                                              SHA512

                                                                                                                              d2fd6b571b32b6cc44d19e76168da2174c8d342d8481514bfca3c10b1840c73f9a451884c18867da37694bb9695e1796d322ecfe14476ec343c795f1d29f95f3

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
                                                                                                                              Filesize

                                                                                                                              116KB

                                                                                                                              MD5

                                                                                                                              13acc70b1b6e32d75e91e3271eed7d37

                                                                                                                              SHA1

                                                                                                                              702f66a849396cb3ef6fcbc0a495fafeefe71de1

                                                                                                                              SHA256

                                                                                                                              9e31b3509942c66d6b62bb7d33c1a6b9b87c9a67142c9f6892cbbe0d487e8140

                                                                                                                              SHA512

                                                                                                                              e6a132ac19fddedebfda98a0614f18c2b2ad223b24e56a2a91f56d6911a72dde2a77a69b4e93ebc5acb5afd1f54ec8a56676ce5f55e8861cb1d8d6be21449637

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
                                                                                                                              Filesize

                                                                                                                              481B

                                                                                                                              MD5

                                                                                                                              4a041300cc6574a2108daa095f92e944

                                                                                                                              SHA1

                                                                                                                              8984f73c66f969ec22e9078adbd3de365cda488b

                                                                                                                              SHA256

                                                                                                                              71ea0913aa2d150573c31c72b4e133c8e7ecf3e6718eecc12427d4aac581a47e

                                                                                                                              SHA512

                                                                                                                              fb8f89202b722a04ae3f45607c646762ae91d4b59c2c25db03a77ec17c678188464445f8f7521f6ead2c353029f73bf1a4ba10fa971bf1a10543a301d4405363

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
                                                                                                                              Filesize

                                                                                                                              1KB

                                                                                                                              MD5

                                                                                                                              1100717f2af8b3875083149f8851a03e

                                                                                                                              SHA1

                                                                                                                              ef1873454d24210656b523e916a15c82731fb689

                                                                                                                              SHA256

                                                                                                                              8bca4e8bec2ad24e836f36eb9ecf59d7e23bca90538ab22cc5b63e8b6f4d2e51

                                                                                                                              SHA512

                                                                                                                              a6756016734af72e51e214fce9f3041f1513e4a8b30df863224b8392a264bb9ca69adee4eb87b68af4e6266ea60d399b2d8f7b881468b63413380a4fbf3e6e30

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
                                                                                                                              Filesize

                                                                                                                              331B

                                                                                                                              MD5

                                                                                                                              2fd75292ac5485847cda4ea6b1e6cb8e

                                                                                                                              SHA1

                                                                                                                              7c716ffaf9ff102345daafa95ab1a2f1e0420fc7

                                                                                                                              SHA256

                                                                                                                              cd6fca53193081d86ee77a5ec1fa004537755e9bf0a4449d896896581b82b1ed

                                                                                                                              SHA512

                                                                                                                              6e1db18ee6ce621dd96f3506bd0fca8504eee22ad03669571e8272dea482fc2a28c295aa24aaa143770d81e5dafdeea727c6205e4fa7a8547efd7cf0970c4243

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                              Filesize

                                                                                                                              2KB

                                                                                                                              MD5

                                                                                                                              856e0dc5092e25f2273e18f6a8516c16

                                                                                                                              SHA1

                                                                                                                              a85bee117632872cf80463d38205a1ad1b22e87e

                                                                                                                              SHA256

                                                                                                                              3a394aa0844f67785cd657149af0b09e1adc89e03fcc497a58e61ace0a5f5d3a

                                                                                                                              SHA512

                                                                                                                              f38a15fe8f17b047e134849c55738c79bb62816cd6f419d823ff73a5f10eaefbd4b0ec3cf176939a4463e72644c5594b3d35e408b5abab7dc7a4056fad62b4de

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                              Filesize

                                                                                                                              2KB

                                                                                                                              MD5

                                                                                                                              e1e325a99b8de0305f4f85145312aa3a

                                                                                                                              SHA1

                                                                                                                              dd150edac0ff4467e9f849b7f0c13b25a4d16001

                                                                                                                              SHA256

                                                                                                                              449c7f5f5b666345a30effd3f4538653ba2f62d6fea765783e1b0e1ef46b952b

                                                                                                                              SHA512

                                                                                                                              ae89ef29ccdaa3f3724ffd76a82825a2ddb86913d2ead0e906d5760e3f03f9b0d161a64d5f06e00cbbf9965d72d98781d08ddd8eb296d85572e9c874e9d638ff

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                              Filesize

                                                                                                                              5KB

                                                                                                                              MD5

                                                                                                                              b3dd1c3b799577d12fcb4ec028f12b23

                                                                                                                              SHA1

                                                                                                                              14b8809b84fe3fff9b4f33aae0c43e1be12b4cb3

                                                                                                                              SHA256

                                                                                                                              bed50dead0d45374a6928f73196ae0ddc37c3429dd0f8893e2b3b1853188f2db

                                                                                                                              SHA512

                                                                                                                              b3297b54a68bbfb2e40baab7f103e3f0da2dad10eeb7ed69eb23f53d785cd1efb4936757a5e19d618deca486c36807ba22cccda843f524c3f0c6d18a78984a23

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                              Filesize

                                                                                                                              7KB

                                                                                                                              MD5

                                                                                                                              f290b9fdfcd6980b6a10d69a6a53e469

                                                                                                                              SHA1

                                                                                                                              24577a239a72a3e4b2bdcd0addaacd83d1ab28ee

                                                                                                                              SHA256

                                                                                                                              9111143556c311913769b9c6db83033ebc2bb311149979510ad9b4b55279344e

                                                                                                                              SHA512

                                                                                                                              dbff2a21d2d9242421af6a1761dcbf16c8a45621340ced619a28ea358e4cc9f9c4f147312b850b8c7ac745714111ba25b8b6b743ee180368cc49fcb1c73613de

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                              Filesize

                                                                                                                              7KB

                                                                                                                              MD5

                                                                                                                              0c115b73835862ebbe71b0106c696174

                                                                                                                              SHA1

                                                                                                                              ca1413726f0d0f36347d158af5970cc461c26365

                                                                                                                              SHA256

                                                                                                                              4ab726e179f0144a2035f553b22d29332eeaf43a7bbddb155d177103ef7ea581

                                                                                                                              SHA512

                                                                                                                              04016305f4ce3a624981082f55f10742c91c484d14396b53add9ae96ec3ca2f5c90b02baf9fbb771f92412fd286eb49bd309441ba6f87fb6c60b859defe7cbf8

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                              Filesize

                                                                                                                              8KB

                                                                                                                              MD5

                                                                                                                              8cfd60fdd4af800e8a3fb0d4f85e7cfd

                                                                                                                              SHA1

                                                                                                                              261d7abba8b52be829c67121d4eb4360933de367

                                                                                                                              SHA256

                                                                                                                              115c68a77cd7a77290cb521c706c1a3dbfc5ffad73f275370e3d15aa2d530f62

                                                                                                                              SHA512

                                                                                                                              c0cea1c536506de178bb358ff417d1c858636694a7c94c0665ab20593dddc0ad745d9e450b0076bdde832a37ab32cbba8a2f23b9c04a34120cdd7a1f6643e952

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                              Filesize

                                                                                                                              6KB

                                                                                                                              MD5

                                                                                                                              1ab961077e5d835443e94ccb7de80350

                                                                                                                              SHA1

                                                                                                                              fc3bbb117fd162ee154e8de7952dec2e170d33cb

                                                                                                                              SHA256

                                                                                                                              97bf78f2480568cf2891c599ded6bb164e49e2c46a8f6f4e90b07c2706f525ee

                                                                                                                              SHA512

                                                                                                                              d11783e62ac4e0d06fe84d1a9f677b74b477b265da7380064835c5aab0385aea2f998d8150e9640e0866e3e0349d4525ab7616c568870898cac045f7cb907c78

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG
                                                                                                                              Filesize

                                                                                                                              295B

                                                                                                                              MD5

                                                                                                                              30ad5b028ee589b01c3ea23f5fb8e6a0

                                                                                                                              SHA1

                                                                                                                              d48f117aecc9483a76f2b01e5fbc60e0fbde02dc

                                                                                                                              SHA256

                                                                                                                              c2681536ab406eefce5682b26aca73a8bee35e1c40e89b9566471cd4cbeb6d16

                                                                                                                              SHA512

                                                                                                                              b9aab1ef41d7c05eacceea623640e25a89c57c7ea47875cd1c655b30d02089a8abe46324dcbce39550d62aa7f32d5662af4ea22712499e1c04a3610f64a4b37c

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
                                                                                                                              Filesize

                                                                                                                              41B

                                                                                                                              MD5

                                                                                                                              5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                                                              SHA1

                                                                                                                              d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                                                              SHA256

                                                                                                                              f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                                                              SHA512

                                                                                                                              de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
                                                                                                                              Filesize

                                                                                                                              72B

                                                                                                                              MD5

                                                                                                                              71fcc270ce644b331bd2b60ca0deae56

                                                                                                                              SHA1

                                                                                                                              09a0f6e8bb008d9654d2082f88984ca73179eec0

                                                                                                                              SHA256

                                                                                                                              0dd13119ef6d6e3e8ccfc9729b3f679955bee605a8176102ca34b8c5cbd4d914

                                                                                                                              SHA512

                                                                                                                              d337a8b2345f7c5b1b07616b2a0185b90f34f05c4757af688bf8d17ccf4390c64a90dd7eaeac4f168b7b31d0848c8a468395455d0cb3cc8dfabfe1d30827e453

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57dfb1.TMP
                                                                                                                              Filesize

                                                                                                                              48B

                                                                                                                              MD5

                                                                                                                              4053308990c2b293947a804928fb0b10

                                                                                                                              SHA1

                                                                                                                              9f15bc32b811e4f22335b35ce0311ae68b2eedca

                                                                                                                              SHA256

                                                                                                                              16387fa2e6a9553fc4be19b3559c0fdf242a66a4d8c163fac104c8241493ef0d

                                                                                                                              SHA512

                                                                                                                              b2155aadef2776f03de72f3b3b27e8028c551e15e58f58fb7f02f078bdefaf09769b145d36ca01520b3994894404acc91f719e5149a9cff1fed1c2ded1ddea28

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13372950297367550
                                                                                                                              Filesize

                                                                                                                              2KB

                                                                                                                              MD5

                                                                                                                              6d19e0d88f3c392b25d406bf85fa04e7

                                                                                                                              SHA1

                                                                                                                              668c54ea7f9b22f976b1ad69f28e8186d1b8f8e6

                                                                                                                              SHA256

                                                                                                                              12c3ec4d120ddfdd79e23e534e363310fb970c3e21adfd14aa0ec96bfa875470

                                                                                                                              SHA512

                                                                                                                              da5b8a87ca4ba1547a85886a24e807de6419611cd60683a723f83c0a036c245eb6ec9258430b8b2a27052a2394dcf6d6d1ff1f2515d25be812a0299168504d91

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
                                                                                                                              Filesize

                                                                                                                              112B

                                                                                                                              MD5

                                                                                                                              55d09f3117d7b05dd0a6db73d8cd05dc

                                                                                                                              SHA1

                                                                                                                              e6aad840e393b83441864dd2eb6ff1261cc71196

                                                                                                                              SHA256

                                                                                                                              5754c9bbbb758d25fd14e27778df1995ec0ed9f44b86b1cac8b51ff8b2e9c025

                                                                                                                              SHA512

                                                                                                                              9515cb03a2b7ce0c529bded4063e7bbb3c30e48c8a9b0aa595e27926a4d75e9c40baf7cb364f85690be6e2e845a6f780ba1fc5d89f50511570ef07e1c99972ba

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
                                                                                                                              Filesize

                                                                                                                              350B

                                                                                                                              MD5

                                                                                                                              39ca7b442d3ef66ded9b4ea86d9a4c66

                                                                                                                              SHA1

                                                                                                                              1eae5c9961e817edebfe1a27a6a0edd38c16e42c

                                                                                                                              SHA256

                                                                                                                              a8e6ae86ac0aec3398a393a7cd324f5dc8a900853b443793c58ef3c6601b2453

                                                                                                                              SHA512

                                                                                                                              3c5b0a63f8e24f4dc72edc5191e6b604fe0766115bae2cfc19513624dd9cc9f6876ee8a78106ec10626f171457bdb3072344d214ee893c74720dbed02bdfd4cc

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
                                                                                                                              Filesize

                                                                                                                              323B

                                                                                                                              MD5

                                                                                                                              bd7cf2175865e1c1a28be8e665e772d7

                                                                                                                              SHA1

                                                                                                                              6c2d5c1e7bb7c6e670ae61684865acd683a6a02e

                                                                                                                              SHA256

                                                                                                                              26e29ec131a1d8590705f11ba8f57043a8015746fad2bdb0224d5ea34b93b170

                                                                                                                              SHA512

                                                                                                                              908248b0cfb0ed2ab6274d901942f8c6eeffb430f073e36c8d9eee425432fe52033efc6db10a3e906613bcecc93ff3cafacaddeec8d281147e427ef49bdf3fc6

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
                                                                                                                              Filesize

                                                                                                                              128KB

                                                                                                                              MD5

                                                                                                                              6597374f3826043748189d305aab3d87

                                                                                                                              SHA1

                                                                                                                              4b5fcabc816410c2ebb2b935e83d69d3d0564a67

                                                                                                                              SHA256

                                                                                                                              39cb35b8b00da0f5280db4dd920ff0e1f0a79ecd5e85dde64380b5b4e456ce40

                                                                                                                              SHA512

                                                                                                                              a5ac759d975b71391893a8cef3fa3e93a8eede182699817ec67be9a16ad8ca4147b726e681481dac6f607dc211389901ae227fdb07cece351b77115ce075e24c

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                              Filesize

                                                                                                                              16B

                                                                                                                              MD5

                                                                                                                              46295cac801e5d4857d09837238a6394

                                                                                                                              SHA1

                                                                                                                              44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                              SHA256

                                                                                                                              0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                              SHA512

                                                                                                                              8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                              Filesize

                                                                                                                              16B

                                                                                                                              MD5

                                                                                                                              206702161f94c5cd39fadd03f4014d98

                                                                                                                              SHA1

                                                                                                                              bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                                                                                                              SHA256

                                                                                                                              1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                                                                                                              SHA512

                                                                                                                              0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                              Filesize

                                                                                                                              16B

                                                                                                                              MD5

                                                                                                                              6752a1d65b201c13b62ea44016eb221f

                                                                                                                              SHA1

                                                                                                                              58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                              SHA256

                                                                                                                              0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                              SHA512

                                                                                                                              9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
                                                                                                                              Filesize

                                                                                                                              961KB

                                                                                                                              MD5

                                                                                                                              be1a41c13a30c7430bd07afe61f6ed7c

                                                                                                                              SHA1

                                                                                                                              c74edc6c48c82fc5a4a613b2400ebb904a3a8b99

                                                                                                                              SHA256

                                                                                                                              c108d83702900d54bf7e69fd716587e20206559626fa14a7f12a9d0c80897cba

                                                                                                                              SHA512

                                                                                                                              62e6b2965ac1d891957b2fac983e2b9ab433aa8cbf3d4cb0b344ac95790d2b4ad96e6db213f242afe8b09b91287a21bb8913b410f77aa1d2b82140e14c8394ef

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
                                                                                                                              Filesize

                                                                                                                              322B

                                                                                                                              MD5

                                                                                                                              af5ce5182d26fd2d5482d8891d532099

                                                                                                                              SHA1

                                                                                                                              26ff7ab3c4ebe9c5ac4484262565176e75891947

                                                                                                                              SHA256

                                                                                                                              8bb7cc2b7302e40e597815c5df886b831c00c17fbea369d0840f1bcc1115e58a

                                                                                                                              SHA512

                                                                                                                              922661d5f4b566175ecd74bcae98e1cdc588d3fb166638734d0deb62179bab39f8d75a9bae2216faccae2cc8c5add2d9a126afcc6c78aed95f64991db931fe94

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
                                                                                                                              Filesize

                                                                                                                              318B

                                                                                                                              MD5

                                                                                                                              cbc17bb48b28c8d0752a359e46e926d6

                                                                                                                              SHA1

                                                                                                                              c9b5abde39d0eb13d64225faf38e43c6dcf7f542

                                                                                                                              SHA256

                                                                                                                              5cb50a22d12ce65995c55f6a490ae995ac850cbf8caac58540f01ce8db40c19b

                                                                                                                              SHA512

                                                                                                                              f1cb51a1ca1ab0d19633ef07879e5f58dc1394168c3003bcdbedbc5968a9bd45e53cfc48a35951dbc9b15e62c40f64e5cde8add60784e70d17d5d5acc059e89b

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
                                                                                                                              Filesize

                                                                                                                              340B

                                                                                                                              MD5

                                                                                                                              30b0c241ebe61e52d8a7df1893caa394

                                                                                                                              SHA1

                                                                                                                              0b4fea3668eadebfb1b9a780cc06f31a941e56f3

                                                                                                                              SHA256

                                                                                                                              a64481d8083719b13b7e25302cfa60f9accd477e32eb573032f98f2ccf333181

                                                                                                                              SHA512

                                                                                                                              e1e00a755af5d5920219346316fc71828bc1e7a61af88bc9ca3297032338c7fbfe52a49edb73b024afb31f9d28661f8986f10502b2cc7638510f45a662c91eaa

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
                                                                                                                              Filesize

                                                                                                                              11B

                                                                                                                              MD5

                                                                                                                              b29bcf9cd0e55f93000b4bb265a9810b

                                                                                                                              SHA1

                                                                                                                              e662b8c98bd5eced29495dbe2a8f1930e3f714b8

                                                                                                                              SHA256

                                                                                                                              f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4

                                                                                                                              SHA512

                                                                                                                              e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                              Filesize

                                                                                                                              10KB

                                                                                                                              MD5

                                                                                                                              dd63c6380f75607a9434eca3cc38df9c

                                                                                                                              SHA1

                                                                                                                              a79a3bb0286f66f7e184689a175210b0aad86bc2

                                                                                                                              SHA256

                                                                                                                              364fcf5071de4d404b9170e25ffcba53d9a6d375dc3e0ff7c90a66a9e3f00c43

                                                                                                                              SHA512

                                                                                                                              b21b059a0f8da4c3b48166d81731dfc12aa1e862334dea1560cd1cf03fdf484155be2a132b1a38b75efaa28e690f7794aa07228a02f83bc63599eb20a196f735

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                              Filesize

                                                                                                                              10KB

                                                                                                                              MD5

                                                                                                                              c8cc12b40efb2b21e048dbaca99f23ec

                                                                                                                              SHA1

                                                                                                                              e3c77aded4a598548b185be3bf1fa01375f3cf27

                                                                                                                              SHA256

                                                                                                                              2553ced5365ac1e00b5e70915bc4ef5341775a7fae2a45052d2fb363b781f943

                                                                                                                              SHA512

                                                                                                                              beb480fbf52034ac9046df7f3e17f9898abe18e63b7d76275bcbce8c9469f1faadc64293727fb3fe43106bc9aca7d30df492773e1cb178b72b3bdff1c1f98a02

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                              Filesize

                                                                                                                              11KB

                                                                                                                              MD5

                                                                                                                              842cbaa7d8b7cdbd74128e914282a95f

                                                                                                                              SHA1

                                                                                                                              2ff9237148f4c0e5d3d7d718ea4a83184241bdba

                                                                                                                              SHA256

                                                                                                                              6c8032a82cb9c50e2431d133206de87ff4e183718c2339c5eb41981564e167ae

                                                                                                                              SHA512

                                                                                                                              b8ed70856d55960bb2e4362a904668ce230a6dd3c5ba53199e70717ae20cafa44fb024ba92dc6aac4d1939c8145c3ab6650dbfa3f3a96b7d426c8ef0adf17931

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                              Filesize

                                                                                                                              11KB

                                                                                                                              MD5

                                                                                                                              ffdb852bc56037ed4a9e3748c58aca12

                                                                                                                              SHA1

                                                                                                                              d1d70512204e701724aeae8c610ae70c4eb27e79

                                                                                                                              SHA256

                                                                                                                              b9ab5c05a1e1307cd2157af783647806ca61e920cb4f74db0821027f67015c4b

                                                                                                                              SHA512

                                                                                                                              59ca5f203e9638969f7a5fdc81d32d33817b27c002cc32d30c425efcf588daa38fa1e3388d082d57df04df1361b0f540a808f51b48126933f940e94427dc28ad

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
                                                                                                                              Filesize

                                                                                                                              264KB

                                                                                                                              MD5

                                                                                                                              50de48827691a78f1a0764b32dcd9f85

                                                                                                                              SHA1

                                                                                                                              28323c7f9239135a7b482f6f47e74d22553214f0

                                                                                                                              SHA256

                                                                                                                              63fa6ce4c64d839c74ad2558887bc608f8cb856de4974681ee4b59b0d58a33ba

                                                                                                                              SHA512

                                                                                                                              9030016266a6c8cb16f63c3e80f098995f25208cf3a3a01017751fe69d3387ed12d594511c71a32c40c8dfa5afa7a26ebc6967e029c86645757c2975ddf917f9

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\w9rzhd5e.default-release\activity-stream.discovery_stream.json.tmp
                                                                                                                              Filesize

                                                                                                                              22KB

                                                                                                                              MD5

                                                                                                                              b923f2b55581af04a87a957c6b0b9236

                                                                                                                              SHA1

                                                                                                                              59727a203de5762026469604e905ebd2edc5449b

                                                                                                                              SHA256

                                                                                                                              b531f736e19e0b71ca01fb3fb97ab3f107845b2dce77fb7a549fb5c1c13460b3

                                                                                                                              SHA512

                                                                                                                              f52b79d982d27cc6c1d4ce4808c31b190d8d05cb2a1791d16553b5aee5347a973a7bd89b9e72b967817f60dc5839c325b8ca9a7c8d8969b3fa1cce7504fe4ccc

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsz1C11.tmp\StartMenu.dll
                                                                                                                              Filesize

                                                                                                                              7KB

                                                                                                                              MD5

                                                                                                                              d070f3275df715bf3708beff2c6c307d

                                                                                                                              SHA1

                                                                                                                              93d3725801e07303e9727c4369e19fd139e69023

                                                                                                                              SHA256

                                                                                                                              42dd4dda3249a94e32e20f76eaffae784a5475ed00c60ef0197c8a2c1ccd2fb7

                                                                                                                              SHA512

                                                                                                                              fcaf625dac4684dad33d12e3a942b38489ecc90649eee885d823a932e70db63c1edb8614b9fa8904d1710e9b820e82c5a37aeb8403cf21cf1e3692f76438664d

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsz1C11.tmp\System.dll
                                                                                                                              Filesize

                                                                                                                              12KB

                                                                                                                              MD5

                                                                                                                              cff85c549d536f651d4fb8387f1976f2

                                                                                                                              SHA1

                                                                                                                              d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

                                                                                                                              SHA256

                                                                                                                              8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

                                                                                                                              SHA512

                                                                                                                              531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsz1C11.tmp\modern-wizard.bmp
                                                                                                                              Filesize

                                                                                                                              25KB

                                                                                                                              MD5

                                                                                                                              cbe40fd2b1ec96daedc65da172d90022

                                                                                                                              SHA1

                                                                                                                              366c216220aa4329dff6c485fd0e9b0f4f0a7944

                                                                                                                              SHA256

                                                                                                                              3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2

                                                                                                                              SHA512

                                                                                                                              62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsz1C11.tmp\nsDialogs.dll
                                                                                                                              Filesize

                                                                                                                              9KB

                                                                                                                              MD5

                                                                                                                              6c3f8c94d0727894d706940a8a980543

                                                                                                                              SHA1

                                                                                                                              0d1bcad901be377f38d579aafc0c41c0ef8dcefd

                                                                                                                              SHA256

                                                                                                                              56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2

                                                                                                                              SHA512

                                                                                                                              2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsz1C11.tmp\nsis_tauri_utils.dll
                                                                                                                              Filesize

                                                                                                                              29KB

                                                                                                                              MD5

                                                                                                                              8def0196223484f8aed4106148dd3f08

                                                                                                                              SHA1

                                                                                                                              e0fc0951deb0e5e741df10328f95c7d6678ad3aa

                                                                                                                              SHA256

                                                                                                                              c0f2b928bc4c81cc5ca30a8932a6dc8cd617dd016679c057e23355fe732b2333

                                                                                                                              SHA512

                                                                                                                              9ffa66181bce5aa5210da0fe5edc6c80aa9e46e2bd1fafd840f468965f4d06bc03f9a77e04b975ffc9f25c886c274196e3fedae6cfb57f366ef39f1e31e1ada7

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad\settings.dat
                                                                                                                              Filesize

                                                                                                                              152B

                                                                                                                              MD5

                                                                                                                              3af9923d7b272cd88f7a9c01710ea6da

                                                                                                                              SHA1

                                                                                                                              db2d9505101670f4e1f2bc24f37199babf314b4b

                                                                                                                              SHA256

                                                                                                                              30256ec4d2ce550f3f7af80f83132707dc5d5c51ec30ab8718849654bcb34f67

                                                                                                                              SHA512

                                                                                                                              63f3d90dccc5d81ae580401124ccc6f102411cb5eb9fde38528a8ed299dcef6675b9d3940b4588812256a6457660ca985b690d93d4b1e2d7aae8c4863a3a88f2

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad\settings.dat
                                                                                                                              Filesize

                                                                                                                              152B

                                                                                                                              MD5

                                                                                                                              44c8293fd565b2a3a0eba3fd6762b2c0

                                                                                                                              SHA1

                                                                                                                              5e1a7e71d4700067e00cae90727c33cdbb77bfd0

                                                                                                                              SHA256

                                                                                                                              86f2f1d376326352453d7f456b0de4b395654326dd2ddab358f3666532018f46

                                                                                                                              SHA512

                                                                                                                              08ac65156ffa2a215539b222580bfd2c5081cbdd83db091e0249504025933a001126008ba1e936b406afcaf7582c5a68133d0d0fe819fdc0cc577cde60ad3e5a

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad\settings.dat
                                                                                                                              Filesize

                                                                                                                              152B

                                                                                                                              MD5

                                                                                                                              150810b3d83c8ccedae2db92d04a00c5

                                                                                                                              SHA1

                                                                                                                              3069f2d4acfc7094ff738e7db8b1bb2b5f10599e

                                                                                                                              SHA256

                                                                                                                              42e07d9812845e45ad79f4a811f515431e35a83b7d5cc7f3cbc175d88c7e1ab0

                                                                                                                              SHA512

                                                                                                                              68bfcc8c57eaf4fddf17c90556d348dc97e7eef5ec12d2e4c8264036a0ac605a00fd3e601bc1c5a07a24614c1ce635dcf878f00aa950d08041afb48fee979d53

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad\throttle_store.dat
                                                                                                                              Filesize

                                                                                                                              20B

                                                                                                                              MD5

                                                                                                                              9e4e94633b73f4a7680240a0ffd6cd2c

                                                                                                                              SHA1

                                                                                                                              e68e02453ce22736169a56fdb59043d33668368f

                                                                                                                              SHA256

                                                                                                                              41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304

                                                                                                                              SHA512

                                                                                                                              193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\GPUCache\data_0
                                                                                                                              Filesize

                                                                                                                              8KB

                                                                                                                              MD5

                                                                                                                              cf89d16bb9107c631daabf0c0ee58efb

                                                                                                                              SHA1

                                                                                                                              3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

                                                                                                                              SHA256

                                                                                                                              d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

                                                                                                                              SHA512

                                                                                                                              8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\GPUCache\data_2
                                                                                                                              Filesize

                                                                                                                              8KB

                                                                                                                              MD5

                                                                                                                              0962291d6d367570bee5454721c17e11

                                                                                                                              SHA1

                                                                                                                              59d10a893ef321a706a9255176761366115bedcb

                                                                                                                              SHA256

                                                                                                                              ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

                                                                                                                              SHA512

                                                                                                                              f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\GPUCache\data_3
                                                                                                                              Filesize

                                                                                                                              8KB

                                                                                                                              MD5

                                                                                                                              41876349cb12d6db992f1309f22df3f0

                                                                                                                              SHA1

                                                                                                                              5cf26b3420fc0302cd0a71e8d029739b8765be27

                                                                                                                              SHA256

                                                                                                                              e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

                                                                                                                              SHA512

                                                                                                                              e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Preferences
                                                                                                                              Filesize

                                                                                                                              3KB

                                                                                                                              MD5

                                                                                                                              506b65acd1a0c5b6256bb02a905a0397

                                                                                                                              SHA1

                                                                                                                              0abc6afcf19ebee983f2c505997b2c8f05bd6437

                                                                                                                              SHA256

                                                                                                                              53a0ed96bd70e4dc67987e9e734678a49b3cd041be135da4653459ff01cb2c98

                                                                                                                              SHA512

                                                                                                                              71bc7d686f7e6bf5875dac94448c7713568666600a9aa325257d1bb46f72644e453c7aaf8a7f6cf8aef542a4678a0af24f7b9533cf6de02656d4127508e0f65d

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Preferences
                                                                                                                              Filesize

                                                                                                                              3KB

                                                                                                                              MD5

                                                                                                                              320ebff2fa08e5badf6038ab5b3467bb

                                                                                                                              SHA1

                                                                                                                              10df39548441aa3a645c738a4f4c3ff7e78856f3

                                                                                                                              SHA256

                                                                                                                              db3a7b02a21ed945609dcd728cbe3a07e943ea24b09b442f47102e63832c5646

                                                                                                                              SHA512

                                                                                                                              403485f04b8d2ec7d15f74e0271c72fd939056fb56c48c45915934e34228aa89b459ab1d2053de904be3d54816d72f9ab4df9a69cc14320fa580f90bdc1fba42

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\d5da0550-02c3-467f-8cdf-e781bdc9fff3.tmp
                                                                                                                              Filesize

                                                                                                                              61B

                                                                                                                              MD5

                                                                                                                              4df4574bfbb7e0b0bc56c2c9b12b6c47

                                                                                                                              SHA1

                                                                                                                              81efcbd3e3da8221444a21f45305af6fa4b71907

                                                                                                                              SHA256

                                                                                                                              e1b77550222c2451772c958e44026abe518a2c8766862f331765788ddd196377

                                                                                                                              SHA512

                                                                                                                              78b14f60f2d80400fe50360cf303a961685396b7697775d078825a29b717081442d357c2039ad0984d4b622976b0314ede8f478cde320daec118da546cb0682a

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\e4d141eb-a496-4289-aa55-04e9badd691e.tmp
                                                                                                                              Filesize

                                                                                                                              1B

                                                                                                                              MD5

                                                                                                                              5058f1af8388633f609cadb75a75dc9d

                                                                                                                              SHA1

                                                                                                                              3a52ce780950d4d969792a2559cd519d7ee8c727

                                                                                                                              SHA256

                                                                                                                              cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

                                                                                                                              SHA512

                                                                                                                              0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\f0700492-9dc9-4194-874e-8c1ebdac213d.tmp
                                                                                                                              Filesize

                                                                                                                              3KB

                                                                                                                              MD5

                                                                                                                              be83f4cb3ff63234f7d1c08fbb991ce0

                                                                                                                              SHA1

                                                                                                                              e562b09d480bcd2af4c31b741a02ff23e5b22f16

                                                                                                                              SHA256

                                                                                                                              d57fce07815c022a5691d5c6d031b3c4cca5609916d70fee16753e5c6f66e869

                                                                                                                              SHA512

                                                                                                                              d414bb72c9029c2122d5038d288c8e510a3b6f5a1933c571ac7036d22b5e1241449324b1cd128a3fe8f4cc6b451d201da6e2d4a1504fe3eeb3db37091452e613

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State
                                                                                                                              Filesize

                                                                                                                              2KB

                                                                                                                              MD5

                                                                                                                              d760ca7d36413a95e12fd73c67fc0aef

                                                                                                                              SHA1

                                                                                                                              fadfb60b7233683c0a29500c7ca11599dda865d7

                                                                                                                              SHA256

                                                                                                                              8bdfa07a16b660c046b15fa14b3f4dfca4e595c2ed365849c5ddf28fea9d261c

                                                                                                                              SHA512

                                                                                                                              8d484264a11fe93fc26ae4f8a75bdd88d538ddb7407caa49d8803e2131f8d3139b603171d0868be945040b588a18860d6ec7ffa0f5a7ba94da9678b36ff7484c

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State
                                                                                                                              Filesize

                                                                                                                              2KB

                                                                                                                              MD5

                                                                                                                              3bfe3e9ce46faba0728c4be03cc99bc4

                                                                                                                              SHA1

                                                                                                                              ca6ad01924d5899b20250cfd8e5099e788604a8a

                                                                                                                              SHA256

                                                                                                                              65d561d96432d1a0be9d2011c491692903ed7e62ee5fd9a594d011692bdcc807

                                                                                                                              SHA512

                                                                                                                              9e9001ea2c6cd70b915bfa0d50aed21e7d3c7e1fd3f09f4402bec9988a8938226eb3fed977640b351cae8c19ed218edba9b30458726f0596938ef0e89ed02da3

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State
                                                                                                                              Filesize

                                                                                                                              2KB

                                                                                                                              MD5

                                                                                                                              a2cdeee37a58eb9c17d867891aa8f1be

                                                                                                                              SHA1

                                                                                                                              19bf5888298f71983a3e40022940bcb7b9560698

                                                                                                                              SHA256

                                                                                                                              5b08e283d002fc205e83bf0c21c0d00c7f716b4b096c4555e3c7fc7833eab401

                                                                                                                              SHA512

                                                                                                                              80b8ed9ffbc8045df8bde8f1bf919040df225ab3418cea42b1c5189cd1ca67c3d5e16db3427ab860df9d74871cb6f97b6352109e5ff7d386f835d8fa7246b426

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\ShaderCache\GPUCache\data_1
                                                                                                                              Filesize

                                                                                                                              264KB

                                                                                                                              MD5

                                                                                                                              d0d388f3865d0523e451d6ba0be34cc4

                                                                                                                              SHA1

                                                                                                                              8571c6a52aacc2747c048e3419e5657b74612995

                                                                                                                              SHA256

                                                                                                                              902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b

                                                                                                                              SHA512

                                                                                                                              376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\d941016d-8dd3-4dd5-bec3-958efe17006e.tmp
                                                                                                                              Filesize

                                                                                                                              2KB

                                                                                                                              MD5

                                                                                                                              91d6448b0bc72b0559e342dd374488c9

                                                                                                                              SHA1

                                                                                                                              5d9d1ddbe349e8b589adfd0f8f4b434246ae4545

                                                                                                                              SHA256

                                                                                                                              b576aa83e3fcb3ddcf8aeae8a7778325c5477b583b32fa54d3ee99953536c9a6

                                                                                                                              SHA512

                                                                                                                              29b44754b9b922b526fb3c7b23e5bc6dd982490e4443b6956c4ce0eb3d72b5fec70000a24c808937a9c5144b5df486def5364d93a920ae49980bd3fb06b95e31

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\w9rzhd5e.default-release\datareporting\glean\pending_pings\bbe2e265-fb56-49a9-a907-92e915fbd438
                                                                                                                              Filesize

                                                                                                                              671B

                                                                                                                              MD5

                                                                                                                              9f5c2f43bba91d39958c7a302ff172fb

                                                                                                                              SHA1

                                                                                                                              5b2c14a9f0db91557244a096a83f3f623e457935

                                                                                                                              SHA256

                                                                                                                              fd4ee5fe5d3816cffa0b273ca5a49c3a2c6d7c0ba587d2c1169d6dcc41e1dafa

                                                                                                                              SHA512

                                                                                                                              ff938d1816457730a3b510aff09d1ba8b80f6a6c6712aa0d69a698cca9f1561cf2fbe4a7867b64bfd94c57838fa60ab899f9f1f8bd73dd51671ebe9d87d07d74

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\w9rzhd5e.default-release\datareporting\glean\pending_pings\f7862bd2-d1b4-430b-a5fc-4ddb5a4f5409
                                                                                                                              Filesize

                                                                                                                              982B

                                                                                                                              MD5

                                                                                                                              47c99b076c90eb0089ea89a0ac2a96b8

                                                                                                                              SHA1

                                                                                                                              118fa0815981b7dd312d7e553db6c0a1609d1e8f

                                                                                                                              SHA256

                                                                                                                              36b4e6a4817ce1bcc8faa580e22c84cb365e969ea77bef4e06f2379d5d990dd1

                                                                                                                              SHA512

                                                                                                                              39b5a1ada1d4ee47ad26363b1d04a58e5af733a27b2ac3bbf95ac75eb11b639c2755d29c901117860ae1b1b6b87d7035de09bce4e1c0ca2dd5a3e610965d54ca

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\Desktop\JJSploit.exe
                                                                                                                              Filesize

                                                                                                                              10.5MB

                                                                                                                              MD5

                                                                                                                              e59012474c711e0db071950d859bac42

                                                                                                                              SHA1

                                                                                                                              2a1839c61829b70874aaecd41d76a03b8c6cb5dc

                                                                                                                              SHA256

                                                                                                                              5bd65131cad50c58ae916818d54abe44c014854db770aa71a9933293939ad576

                                                                                                                              SHA512

                                                                                                                              61e94c2949d9f08d2ce37dbe5687cc8ff68b274e2ee56d530870a977773a1e04ac58bca4f550887790f0d31534d862cdc869a90621c03ebf030cf73b41fd5774

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\Desktop\db.json
                                                                                                                              Filesize

                                                                                                                              311B

                                                                                                                              MD5

                                                                                                                              84095feb496d351b9c80e926938f9ca8

                                                                                                                              SHA1

                                                                                                                              d8ac99f45d8420698809521a4c1a30e954f118da

                                                                                                                              SHA256

                                                                                                                              1ee333036765e94b9f6975a2cfb6a799c42b3357078b424753f6aa61b225e54b

                                                                                                                              SHA512

                                                                                                                              347ef12c4f1849a5455014413097ea6d7a6406b36027da4734afad736a5581c6068dd4878aeab02843abbc1e1cfdb37f34c167b4886c8644ad8778e592393e10

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\Desktop\libcrypto-3-x64.dll
                                                                                                                              Filesize

                                                                                                                              4.5MB

                                                                                                                              MD5

                                                                                                                              a9c1f7ca15c65c139bc9d4bf57df2e1e

                                                                                                                              SHA1

                                                                                                                              1b1377139a6b289d43a6b1161cd1089ffc817cf9

                                                                                                                              SHA256

                                                                                                                              03ec9292dcdfda520638490e11baeefff5ab1b6eb22feb90a22fc771272ce116

                                                                                                                              SHA512

                                                                                                                              97f8745dba6330c196de9b822638bfe7f74a86bdcb6726f4bd1d3d917de54f9abcb05163c42255173eac3bde995f0d611af718dbcc0de432b67666bed0c0b073

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\Desktop\libssl-3-x64.dll
                                                                                                                              Filesize

                                                                                                                              802KB

                                                                                                                              MD5

                                                                                                                              51b0d5f42a82f6fa8739b403e9b8b81c

                                                                                                                              SHA1

                                                                                                                              75968c157628bb7aca9b5f2331f7a0c9a1d28865

                                                                                                                              SHA256

                                                                                                                              0bda7daeb4040c722b8c287dfd2307c9b8228576db1dbbbaac901c35cc8dc62b

                                                                                                                              SHA512

                                                                                                                              94fba90ad7bcf190079089dcc3af97c598c016eb359fe4d2ea439b5fbcd4a5489ab4422652223926aae64002beef1368d5b95874f68a2e5bc4971b4f9604d814

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\Desktop\uninstall.exe
                                                                                                                              Filesize

                                                                                                                              74KB

                                                                                                                              MD5

                                                                                                                              fcbc4b016ca7164b57d332d4012f3b85

                                                                                                                              SHA1

                                                                                                                              b1f8ca1824216100edba1bf52c4a953335e277fd

                                                                                                                              SHA256

                                                                                                                              11a861694c2a3cce1e14020ffd46aef7dbcee861763203c5aebe8f4fa1cfba3b

                                                                                                                              SHA512

                                                                                                                              5b5569ab94108f535345d6b71c105222daebbe34d2132ff1f03df84151c3b7488f0f6cda7bb054694bbc58234e709a6069bfdd9239076395b4a823f2d8848b3a

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\Desktop\xxhash.dll
                                                                                                                              Filesize

                                                                                                                              46KB

                                                                                                                              MD5

                                                                                                                              249a5f6ca047df2a2f802782696c7f80

                                                                                                                              SHA1

                                                                                                                              6a1d96be0f497d689fb55de70284af83cac61f52

                                                                                                                              SHA256

                                                                                                                              2828e3014c3283caeb1b00d14145a42f4e347e7f547b40634540394892265671

                                                                                                                              SHA512

                                                                                                                              d2d0b6ba2ec95c33609d98788e5a4cce382d93721ea5dea61cde3f4c065b06530a0b01ae4909f7883a81d55529a36cb6a5820aa2afc320b5761f6f59a3a45f1f

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\Desktop\zstd.dll
                                                                                                                              Filesize

                                                                                                                              638KB

                                                                                                                              MD5

                                                                                                                              21dfe873f6ed38f2f713ecd43ad1ba41

                                                                                                                              SHA1

                                                                                                                              7648cb043587da0e85743f9da8dca8be621ccdf0

                                                                                                                              SHA256

                                                                                                                              2a2d63c48b6b3ac7768231ade30122c94a0a33e62e5d2725e11c95b3194aa997

                                                                                                                              SHA512

                                                                                                                              67b4f976f3511387ce2a4743e2281ac88533bd204d4e07a5c6751f0ec30a3463dfabcda18103a632541ec2a8b7b937806121e21e44959411c39106e22b739919

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\Downloads\JJSploit_8.10.7_x64-setup.nsis.zip
                                                                                                                              Filesize

                                                                                                                              5.7MB

                                                                                                                              MD5

                                                                                                                              8981cd26e588223069f3312444be6cc8

                                                                                                                              SHA1

                                                                                                                              cce203a689135cc6a1c79c8c543be5839f7d43e0

                                                                                                                              SHA256

                                                                                                                              4962e32eda2ccd7238948bf579c629a2e70c9bf5a029aa79abac01da119c4414

                                                                                                                              SHA512

                                                                                                                              3fff093f1f41e84963495919eeb4a1fc43cead24e1ae12eb3d761a1865c28ec8ad20dd7a44b1eb8d4420dd22a5eaf7714a6727706fe2dfbfc6a10272ce20045e

                                                                                                                              Download Submit

                                                                                                                            • C:\Users\Admin\Downloads\JJSploit_8.10.7_x64-setup.nsis.zip:Zone.Identifier
                                                                                                                              Filesize

                                                                                                                              62B

                                                                                                                              MD5

                                                                                                                              ab5ae4c6aede1dbf44ae8e0aa7a933dc

                                                                                                                              SHA1

                                                                                                                              2279aa17a3fd6f112c74b38b0fe9e9ac0352074e

                                                                                                                              SHA256

                                                                                                                              212f021f74e1be6b5ea9dd7d46ede1ffa2d234d7b2486b4cacdb0df4b3588cdf

                                                                                                                              SHA512

                                                                                                                              52071cbd2cf8c9f990c42f52087895241d346bf782274c0d4db13f413d1fd6d5b47dc6507224b781a3afb27c69ee4349ea7251d28df0635abdc2a1d6f5382c56

                                                                                                                              Download Submit

                                                                                                                            • memory/2584-938-0x0000028655680000-0x0000028655681000-memory.dmp

                                                                                                                              Filesize

                                                                                                                              4KB

                                                                                                                              Download

                                                                                                                            • memory/2584-940-0x0000028655680000-0x0000028655681000-memory.dmp

                                                                                                                              Filesize

                                                                                                                              4KB

                                                                                                                              Download

                                                                                                                            • memory/2584-939-0x0000028655680000-0x0000028655681000-memory.dmp

                                                                                                                              Filesize

                                                                                                                              4KB

                                                                                                                              Download

                                                                                                                            • memory/2584-928-0x0000028655680000-0x0000028655681000-memory.dmp

                                                                                                                              Filesize

                                                                                                                              4KB

                                                                                                                              Download

                                                                                                                            • memory/2584-937-0x0000028655680000-0x0000028655681000-memory.dmp

                                                                                                                              Filesize

                                                                                                                              4KB

                                                                                                                              Download

                                                                                                                            • memory/2584-936-0x0000028655680000-0x0000028655681000-memory.dmp

                                                                                                                              Filesize

                                                                                                                              4KB

                                                                                                                              Download

                                                                                                                            • memory/2584-929-0x0000028655680000-0x0000028655681000-memory.dmp

                                                                                                                              Filesize

                                                                                                                              4KB

                                                                                                                              Download

                                                                                                                            • memory/2584-934-0x0000028655680000-0x0000028655681000-memory.dmp

                                                                                                                              Filesize

                                                                                                                              4KB

                                                                                                                              Download

                                                                                                                            • memory/2584-935-0x0000028655680000-0x0000028655681000-memory.dmp

                                                                                                                              Filesize

                                                                                                                              4KB

                                                                                                                              Download

                                                                                                                            • memory/2584-930-0x0000028655680000-0x0000028655681000-memory.dmp

                                                                                                                              Filesize

                                                                                                                              4KB

                                                                                                                              Download

                                                                                                                            • memory/4300-501-0x00007FFF74D30000-0x00007FFF74D31000-memory.dmp

                                                                                                                              Filesize

                                                                                                                              4KB

                                                                                                                              Download