hxxp://fortnite[.]gg

Resubmissions

10/10/2024, 10:25

241010-mf1ewazaln 6

10/10/2024, 10:22

241010-menppazajn 8

10/10/2024, 10:17

241010-mbjxbstdpc 6

10/10/2024, 10:16

241010-ma8jasyhnr 1

Analysis

max time kernel
1785s
max time network
1796s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
10/10/2024, 10:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://fortnite.gg

Score

6^/10

discovery

Malware Config

Signatures

Looks up external IP address via web service 2 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
111	api.ipify.org
223	api.ipify.org

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
4460	msedge.exe
4460	msedge.exe
3284	msedge.exe
3284	msedge.exe
960	msedge.exe
960	msedge.exe
2812	identity_helper.exe
2812	identity_helper.exe
6036	msedge.exe
6036	msedge.exe
6036	msedge.exe
6036	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe
3284	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3284 wrote to memory of 3356	3284	msedge.exe	77
PID 3284 wrote to memory of 3356	3284	msedge.exe	77
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4252	3284	msedge.exe	78
PID 3284 wrote to memory of 4460	3284	msedge.exe	79
PID 3284 wrote to memory of 4460	3284	msedge.exe	79
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80
PID 3284 wrote to memory of 2008	3284	msedge.exe	80

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://fortnite.gg
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb516d3cb8,0x7ffb516d3cc8,0x7ffb516d3cd8
  2⤵
  PID:3356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1948 /prefetch:2
  2⤵
  PID:4252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2352 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2764 /prefetch:8
  2⤵
  PID:2008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:3120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:3856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4596 /prefetch:1
  2⤵
  PID:3432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4804 /prefetch:1
  2⤵
  PID:3660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1
  2⤵
  PID:4396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
  2⤵
  PID:2496
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6008 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
  2⤵
  PID:3668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6096 /prefetch:1
  2⤵
  PID:1208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
  2⤵
  PID:3980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6360 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6160 /prefetch:1
  2⤵
  PID:3204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6584 /prefetch:1
  2⤵
  PID:3440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6708 /prefetch:1
  2⤵
  PID:748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6560 /prefetch:1
  2⤵
  PID:3488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1
  2⤵
  PID:2412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6960 /prefetch:1
  2⤵
  PID:2260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7244 /prefetch:1
  2⤵
  PID:1648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7384 /prefetch:1
  2⤵
  PID:740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7396 /prefetch:1
  2⤵
  PID:376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7508 /prefetch:1
  2⤵
  PID:2516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7804 /prefetch:1
  2⤵
  PID:4348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7944 /prefetch:1
  2⤵
  PID:276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8248 /prefetch:1
  2⤵
  PID:1872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8772 /prefetch:1
  2⤵
  PID:5392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
  2⤵
  PID:5840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:1
  2⤵
  PID:5856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8536 /prefetch:1
  2⤵
  PID:5864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8240 /prefetch:1
  2⤵
  PID:6060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
  2⤵
  PID:6132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8592 /prefetch:1
  2⤵
  PID:5352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6612 /prefetch:1
  2⤵
  PID:5768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8628 /prefetch:1
  2⤵
  PID:5932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8336 /prefetch:1
  2⤵
  PID:5964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8028 /prefetch:1
  2⤵
  PID:1984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8820 /prefetch:1
  2⤵
  PID:4060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7972 /prefetch:1
  2⤵
  PID:5596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3492 /prefetch:1
  2⤵
  PID:3204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6576 /prefetch:1
  2⤵
  PID:2792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7716 /prefetch:1
  2⤵
  PID:1368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8700 /prefetch:1
  2⤵
  PID:4968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8228 /prefetch:1
  2⤵
  PID:3788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1
  2⤵
  PID:1892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6732 /prefetch:1
  2⤵
  PID:1412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6476 /prefetch:1
  2⤵
  PID:1424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6360 /prefetch:1
  2⤵
  PID:2344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
  2⤵
  PID:4792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3744 /prefetch:1
  2⤵
  PID:740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=9532 /prefetch:8
  2⤵
  PID:852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7076 /prefetch:1
  2⤵
  PID:5416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8580 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1
  2⤵
  PID:6096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5292 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8472 /prefetch:1
  2⤵
  PID:3332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4596 /prefetch:1
  2⤵
  PID:4296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7664 /prefetch:1
  2⤵
  PID:3668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8208 /prefetch:1
  2⤵
  PID:244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1
  2⤵
  PID:2456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
  2⤵
  PID:3856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6820 /prefetch:1
  2⤵
  PID:4644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7224 /prefetch:1
  2⤵
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3884 /prefetch:1
  2⤵
  PID:5600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1
  2⤵
  PID:1064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9152 /prefetch:1
  2⤵
  PID:1236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1
  2⤵
  PID:1388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1
  2⤵
  PID:5764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8152 /prefetch:1
  2⤵
  PID:2688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,8360203310641074031,7390138883608395689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1
  2⤵
  PID:5940

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:740

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2516

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004CC 0x00000000000004D4
1⤵
PID:5368

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d7145ec3fa29a4f2df900d1418974538

SHA1
1368d579635ba1a53d7af0ed89bf0b001f149f9d

SHA256
efc56eb46cf3352bf706c0309d5d740bca6ac06142f9bdc5e8344b81d4d83d59

SHA512
5bb663ede88f8b7c96b09c1214aac68eda99bc09525ac383baa96914ff7d553ea1aed09e3c9d16893d791c81ddb164c682dfbb4759ac0bc751221f3e36558a91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d91478312beae099b8ed57e547611ba2

SHA1
4b927559aedbde267a6193e3e480fb18e75c43d7

SHA256
df43cd7779d9fc91fd0416155d6771bc81565e98be38689cb17caece256bf043

SHA512
4086c4ebe410a37d0124fc8bd00c58775e70ab2b7b5a39b4e49b332ce5b4866c6775707436395467aff9596507c96fb4896f3bf0249c5b9c99a927f31dcc1a96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
39KB

MD5
23ba3477208c4421f294123a9dff02a9

SHA1
6a523976dd74f817e572e9b849d510e569ba986e

SHA256
27b87d60a4c03976a2c2c65281f958dfe2dbe34298a1f46b189c56df25bed224

SHA512
039c6195a33d1f38ad554f88cefd7d55b343b0af13735718406e107428af9417eaa5e8eb8917330c1ff3580560ec0872c9d33afb809f55b4048a2aef15822469

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
102KB

MD5
d02733285ea581ebaf9bd90bcc316e39

SHA1
2877563f42258436a54be643772fe1126d838620

SHA256
30ec07e9c16775dad5b4ef1c7c07e691abe59f686ee15719e5277569c83e5abe

SHA512
147f44a42e3daf1effc32b725cbb44a4eb631986c1cf23d929b594b6c444dfa7849f1f0249add9825c316794e053b9d49b3d6cd483feb509056ba253b274687d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
32KB

MD5
754b8c8ddb7a955bbb3ea486a413169a

SHA1
fe65603e0b5f56d2b47c7266f7415644f3bd61cf

SHA256
afc8c0353922795642350570261884fd94de66cc99f359d99860675b22191565

SHA512
e8881e334b9646418a1a5cefcd169eb570ee39e0df6cdb8cbc7fd770535dffc1066102f171e8303c9073eb2b321a42375d6e57d0950ce989c05e2c0ea7b5781c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
94KB

MD5
c8459d693dc9db92061ba916b4b71878

SHA1
288343b54ef51e165a565cc28cfc9ee10b067165

SHA256
06a49ec19f5b2f49b3bb38d520bdf33b14a57ca90924ca5de7d5bd6473f2368a

SHA512
ea608159efe52289939432fe7c9c2cd1c3646f99d9fd7ce1fdc989263b1633c1494f5ced0900b17c9b3fe898af50665c0061c41db37249aec26e9f2a9c7f5877

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
149KB

MD5
99e35b3b58efd89d0322af8bbcb87178

SHA1
dc72968c535925c4cc809c40cb96acaeca460dad

SHA256
5e0ad4e28e5d5123002dd3bc76a20528aeb619f5d0cfbe6c59e0212a09b53187

SHA512
e8ff05054a7a0b3271ed342ae98ba505bde3a140a6131c757641f73281b85cf50f617744511ba7e4c90518bcb83e44f00963109b705a038c68603627c0e925a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
79KB

MD5
5a76d29566875d53e37d201aaf0e52bb

SHA1
fc654f1cb2bf45d1ecca69ad0088d045a22da542

SHA256
c02c648b4546defb6a11bc831fdcb925113a4eb996e0e8c508cbff13ce4d078e

SHA512
eb53878133ba586759ce5fa96b878fe87bc2e6e23e24d4b13346539e5f9da41a9b47a44a781c4637b5f395bf169089c63a075ff4117be5bd819ab609634bf54e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
28KB

MD5
f419b7f74f1962291c17ecb83623a562

SHA1
c04c730b8eec94a21512a1a3106f37277126b2fd

SHA256
4925148c46f497438b6d5a9590cd33ab74e733dc322d285e60ab06759e4d6466

SHA512
cf1b9d6bf1f86252c52ca843d6b5de920a00ddb0e765e3b212002e088b3533ff4c6cccff602bfc02ed605faec493530d985f59cc2c423bcb031bd8e864bcca19

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
16KB

MD5
89a574ff00e6b0ec61d995d059ce6e65

SHA1
aea09e96808ab77165ffa712eaa58b8f056d0bb6

SHA256
e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44

SHA512
30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
16KB

MD5
cfa2ab4f9278c82c01d2320d480258fe

SHA1
ba1468b2006b74fe48be560d3e87f181e8d8ba77

SHA256
d64d90cc9fa9be071a5e067a068d8afda2819b6e9926560dd0f8c2aaabeca22e

SHA512
4016e27b20442a84ea9550501eded854f84c632eeced46b594bcd4fc388de8e6a3fbfe3c1c4dbd05f870a2379034893bfd6fd73ac39ef4a85cbf280ab8d44979

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
112KB

MD5
59ccb29ef10352c9d1417c773e9d24f6

SHA1
068c63bc76882818b3f00cce72d5d3be941b05fc

SHA256
4cf9cb81d632eb1162974e7a412d30426abda6798e5e8cfbe19ac408d1ee2025

SHA512
e1716a25d85486ae3eee63eca072bf7788059de773c9903351de445bfade9634417ced5848f3232924956a306507d793caebb16818d943caec1ff22ea965b8b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
65KB

MD5
8a42ba5472aa4afa3d3ac12f31d47408

SHA1
2add574424ac47c1e83b0b7fae5d040c46ac38a7

SHA256
759bfec59bce5ddea7751b7f93408074a8c27cb2c387b08b6b9f4aa111266ec4

SHA512
3e1081a6e1c29f6dae28ab997c551a6d107d4f4b7e0981a19ba81a30a4e420dee1791321dca8f4b500c9e7e4a41c5e5c75013a72e5a5cde3f7e6c50393eb10b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040

Filesize
20KB

MD5
3cbea4e694977d7b6d7d0ba808918e47

SHA1
ff2631cf82d885d7ebf764440e262a9e689985b4

SHA256
bf0c558318dfc63a51f695d029b9ea7934ce6072fb6ec882830bda001ef1ee56

SHA512
28269c879a9dfcdede045acf03343324b44ebc99bca59a0f1d4ac703c25f83037fec432e9fd7cbd6ec7876e96d060a01c081841cd41883bda71e01a012212fc6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000076

Filesize
1024KB

MD5
0df594b8f8b3afebaa47cfe14f5c8688

SHA1
c4fdab3808a1c43ecb4ea5bf9040a1135e2170aa

SHA256
f9145ede2fbb7ce49bc8f61a26220006356cb61bc3d0fc2c563b42c26715cd27

SHA512
e0ef30c7149d6873758ab13e8efbb97f4e89a4e0fd9ee5b86c4974ff8ceb60c066260aedb06b1cf31f95a1a4f2c9105c1bff1899d45c4391bbce489a7e0abdce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000077

Filesize
1024KB

MD5
ab7099a39ce59dfa687be311a8ec175b

SHA1
cab3d1561a8d87b99739877b1e7e99093e218a9b

SHA256
2595475f891426433883406f7da1a847f6867f4c707f4be0d7391c81ab07e773

SHA512
4c901ce0f5c37717a0a415bc1afd265e34fa80f76a8249d676a911ebe6df9974ce80c6406f86f3aa3d6c1b9e6d5acfd542888328326ae3043151c776ec9b5782

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000078

Filesize
1024KB

MD5
4b4ce0c51639b3ac29b6141d0cd6df3d

SHA1
c07a6867a1994458ff07914bcc3c68db8163a6cc

SHA256
30b2e8ab01287ab74fd22b4894b8f9949e807e06b601a3a9a5a491d206be7fac

SHA512
02992e678029d972112f95a5faed2c53d9696ceee862a3befffe6b12417cd1a943a4cd0eb3b9c44ffc0b40b8fdd7af853df36b47545847de14c9188f004e2829

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000079

Filesize
498KB

MD5
31f42cc9cd35fbdd990b322928907d8b

SHA1
8bf030a31210619018cc77b0ee878c9f5bfa216c

SHA256
05f1747df491e37a859fc61521857aa254ff6b4c886ae8e6bfb3f1ea56d4fb81

SHA512
c325681e2f13893a036739b006e266d9bfc2421a59834e1208838626464f15dbf44c4db9276120dd3d433fd3a4a4bec7b81945c2ed84d0a39025e2fa9378dba7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007a

Filesize
1024KB

MD5
e2bbc2f4e327ced6f71ccaa965a48d5a

SHA1
00ae7c05021c0a5349ee7be16e0a0d0c0142218e

SHA256
9f3a0139b59305d3cf830c8f239345a6b202af648384c60a2d7e9ad65438599b

SHA512
fe152834a5521d9e14bd1aa803615ad58c10aab866b6c5b263839c29e2e7fcbad7b1627b9e22f7b19ef1c369a9fe6c6f707be163b4a0d9c76d6e7230a84d068a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007b

Filesize
1024KB

MD5
3874a3bc4271b1a4b12f71a95902c818

SHA1
97173de861673db0e8bba80350f6c5ddcb5364c8

SHA256
fadf3576e50e658c32ef5a23c3eb77b00dc6c80d2d227aaa3ae8236c1799c7e5

SHA512
eb1a09a114876854e4fac77e47f9b1ae14489cc0245b735bd7c9104e564e99342f52e5ce45e5e5a6c685e38d25fcd15dd76f41874419c52d42f879877e13c1f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007c

Filesize
1024KB

MD5
7bc64ed710d76c0ddbd37f22e4150488

SHA1
2f12f8a75ef61682ed0de553a0deb390269df59e

SHA256
b9a11c0c3cb3e3668646810da15542582077b074008f1cba4eb232d2fe644cde

SHA512
265a9589570ddf28a178c65085c8cd3ddd3086792e5cac750be78f08358fda4a9fa5c6062fa2a1a1ba98bc3c6fa998df2314f76a3f6d4a603522b104e08849a9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007d

Filesize
172KB

MD5
864879ed2781319e36e549f062288b39

SHA1
15e7e841bcb32e3e1442c2b2dae8a31763267a1b

SHA256
2da388a3d892273f3492066e093a9cf78ed8723c46c9a489add3f918f4d65c56

SHA512
312544eb5ca3f76437fb119955e96c9a7d033633e81a09d44e89c6ff9a5737d314cb03dea25ea5de3689583dbeec3e287728142d3fcd32cd0b21fc80407be301

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000090

Filesize
144KB

MD5
696404796082c2fb6d4ebb400f3d7d05

SHA1
604d85ad6927cbaebfb46ef7546af72cf538980b

SHA256
010c2f001ca724d12b1fe3cb4080481dac45529c38bb77cee51263190d55f606

SHA512
13ff4ab2aad3f06636f0eab67af5536ce151288ae693b299c7c8ed24b915574cc0318739c0ebf0215892a74d151c25d6cd732e50e924834fe9d2468331a8223b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1c51c4e050136405_0

Filesize
295B

MD5
8422781d4801171cc510d42c45ac0de0

SHA1
76870f2c3180133ac0d7b37cc7ce9241c6eab8f2

SHA256
c462172cb66694fdafa0017351e398e8f7a25be831c076915b4a711704e2a89a

SHA512
e34433deb27b260c1adf9c775a8b55c65db65bdc8ac0f2b94b98d59048a8b428b881e053224b3d9428f96211fb891964b1e0149b37c1c98b08ad86952753d2a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\21f89b3566a76c34_0

Filesize
54KB

MD5
dc5d4932cc2f80d77f40ce6cad71ada7

SHA1
7d5556660927ff28508a1e3b18724f9727ba48f3

SHA256
ad7ec3543a4fc341e40afb2a04d4eedb46370a57ed37b5b3062622c06e7b9010

SHA512
660b1d2bbec6034158b5ef60396b9e2d7a848687ae83a50530f92eaacf88dd69bea6a1991fc7e594737676d1540e7fc4e9b349dc9a07c2c620b0141c23d26c18

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\27c3c5f7ca29a930_0

Filesize
306KB

MD5
5fb63edef188eba97db98186eb315be7

SHA1
5c39552c5fb1d1c32f409edb88b029d49834e8af

SHA256
e2f4954e41e646c74221e23d41641dde46d3adba48acca74307805b9877182c6

SHA512
bf6614b31bd54a31bfcfff33aec5c3affb72b8c041454da90b9d16d7778e4f0047237727ccc94104aef4d91ce1d5dd77af3f2cad08abdfbd50c26e5a26a49962

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3f17a432da647701_0

Filesize
258B

MD5
b2d567a469c92dc2fb67107c7dc9f4b2

SHA1
62fcfabd6428e0b51bdc7df8496500542789fb7a

SHA256
5ce82a8e9456f7643ccf0c996835bda477b064f5eb6f9a289d9e939fb4ddee54

SHA512
1ca98c81ffb19e7d255eb9af866d24e695d8a9d30d36fefef454cafb98f4558dc6ceced6c7568f908df00e22aa767d997dcca0f2051c053f34551c2a1d30ef06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d889614daa63c3ca_0

Filesize
144KB

MD5
6121ec63214522dbe6012eff2759d8bd

SHA1
d2c836ed4e24e20c8da26e5b12b22d791aa4f447

SHA256
4cefd1db6d817482e8015080d16dfb52eda4ee423eb5beaeb871a8044856e9c7

SHA512
92b3816e0f819436bc2a3b62094f7d4df074eabeeaf48e1ab61182bc6c708d37692191c32b949e07d6471b293c3259866075fd6cc68d8e2ad288c10215597b04

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e4c94330a7bb88d6_0

Filesize
250B

MD5
72a042597055b16829bcd5d9230e9b34

SHA1
18ad85990d6283ea20f466d71620014a96466f5d

SHA256
d299675f00b52cbfc24cf76f0375093727a430ca2883750b836371446d3dfde5

SHA512
d3122cd539e4254fd37fedf4ee269227e6f2fc2ce6332b30d37f570ff6d1a44da0d291ed9dbfe5ee7bf8365e87252eed84937aacd3f715640adeaaef6b3da55c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ea97ad2bf62a439e_0

Filesize
463KB

MD5
ad2d80d322a0467c889462b0de98a306

SHA1
1b45786d7e6a6871778dbd44c24398ed40aecfc5

SHA256
d5c03e01b6fc2d16d595687a941631e432476bc6771c8ef102b0666c689b6304

SHA512
ee298b01c43432e05665e2243fc10a1efb51c83119656cc6b2c699a91628e66c921ec7c4084e1d38aa28eb5ae9ef97ab74ed4a5042d9446305467d65960a9536

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f3f255584b303497_0

Filesize
24KB

MD5
f7032e8ad5978b26ed28b39f24c79416

SHA1
8108575dc1a8d57319b75b34efca8852e91d0b17

SHA256
f28cc32ac96b824a57a2e0f0159645b34ba9132886add151cc4f517132fa9f0b

SHA512
3b83407162da7763ef7d478fdc2560b1feca8a4d64d89b8cf3e7fda12c67fb8d243c0dd6ff529c3c1b3b38ebe5241cb062094c0477618acf8403e2e194ecaa54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
2KB

MD5
5636d1605f03789fff3f4f28d8c858ea

SHA1
fe6a31fcf40d3ba1a12ebc8c76634d511a3cd8cc

SHA256
1a3124478c570f7f15384da085a4512345db81552a5d60e89c56433b0cf08af3

SHA512
9084affd30bc7eaabeebecc3871083e00883f76fc7b179d734edaf304881730c70fed63b8ec628d6acbf178a28e3ef6322aa9f76d0a02ece2e3a560b37332555

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
1682ddf0c480590edfcc8589b9bafd17

SHA1
e2d6af2bccb2749997a99d23ffc9c455bf890b5e

SHA256
c074a2da87e452ddb18cfe34c3c7b0b34eb415b361c6a850c342f2f5cf22da77

SHA512
b6815134dc434164f614c04d220eae4e98c7ea495f3f304a6ba6c3a7650d0768b0c69f6368d2d83526804844d3966439eb48d391a1256840f5bac3567a893e15

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
1eaa8af1f34a5621b0e6c503e6707599

SHA1
df3629010ad66511200ce1bb78f0ece510b58c92

SHA256
693cf41a29095b09de840f83420bc9a6d3f86d537db1b3f4175161329167b5df

SHA512
36fe3e02c32824fd4a6d140fb3f10e9cf27c595b705ae9064fd7aa8a5ef99941d56f21b682c534ae16e2185ee24a9442bf10a0f1342ff79c493074336dbb660a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
f286802a201f82df3e7746cb01e318b9

SHA1
3f906d437a9b2099f51ee0f4d1fd6f8ab76e2ccd

SHA256
7104d286af1229f90f8a58a92bfa43dfb5a1b52521713be7ddc40e1f95da5dfe

SHA512
d9a0b32cc3cab54468b939299e80bbbb5b46f6a7cff014e8d136fde0dcf4a3c0aba7747c93e7e3f4c288d438cfd500dd582d871adbf86038e82fd6561c0ac2c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
17ba22bc567beea796908c932af0c2be

SHA1
af8c7886bec772b908fd7a08d36e0ad741535be5

SHA256
a3f5d83da4446ef36bd8c36431faa80d3dfd9c9673b327520ffceb15bfb26df3

SHA512
ffdd1e402e5d0ce676b38995d6ad7151ffd7a1799567cd0f0140aa9c80aa1b6cc8cfc3c4c7b676426af7edfc8807c8afa80c2cc0a0eac93342084ab54c24897c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
24dc1e7728e941680925719e947838e7

SHA1
bf9e29af869e3fddd9706bf0fbae7eaffe692b08

SHA256
3135aeb67996c50b8aa9b14430b958f4e7a1633347d03f394e98dd9d531f2996

SHA512
ec8382420b981820233b8dbebcaf842293e11fbcd1d2ac29f2706f411b67711ce032bad827ea744b03180bdd7a53cac0d78bd04ce92ef758a2bf7c21256cf607

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
98ebe27ce03ced0dcc2f6487fab0cd45

SHA1
fb52047a267908b825f77a0195041e79594dd1f5

SHA256
0f5c80f3773916221dbf34d6308e526fd55968318632d93b4dd2cbbdfb3b24ef

SHA512
3fb206ccb71b01bcfaf043849c357398969765d929f0996a359bec7891f134a03d1bbcb321411c153b2d82af1bc447a4b29fd7cb38575b81beb53c1937fe9cac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
89142b8734d1a16e4c6804d9c2c1a3f8

SHA1
18080d79110767076a12029e517d7fcee9d9a533

SHA256
edc1c52c7b981c3dcbf9a44219c27d766df5179680eae119e2e3492616fcc23f

SHA512
8cfe28072471788aa16a9bb6cbbf269ec99ac0376b2a0c88fedb065fab6a1fad050d43b66a4d253408d2fa96e0bb35622c04269a72f6ade5eb0d7739466a6785

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
ca88ae512fa0016f49038758bd741ea9

SHA1
9173606e4a74d380343a860b21a4d69ef4065e3d

SHA256
ddd202c9158d8af2b3eb91f401d192209302133bd37770aa850daf34426618c2

SHA512
91f2349b9bce0096ea2a38cade5dde02c9920ef73d3e9c98d458cac309d51f20d7ac0048dcced7f83bf8cc387bb88686c49cc22ef29793e56f2da1860dc2338b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
7f1ea5e78a10bf3fbd42bb54d890b494

SHA1
d16f0419a6b7e1edee52837577b59530a6acef3c

SHA256
b1afe43eb66ce0a8c2f92ebbad27896a30746b7637b7d18f237922d05d12e147

SHA512
28e103b447b7faf17a18146d2c979f58d6bb9926e101d6541cbb322fac702c932b6a34b5d0c70dc7732b14654f65b1e10dac21e8349715b201697880d58d27af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
9738e4229de6ce0f7c465292d5901de7

SHA1
bdea38673775e41c5d158e2d753205e5f13a5799

SHA256
cd82c9c260490eb4733246038d9236ead1771fa3c267d1121b035c1454a662ca

SHA512
1e7ce32c81329fcd25bfda91c4207cfab72c27d665604b072c0f3f9e81a89f58b389ea44b15f32a3014d9cbc532f92f018611aab4da8a2af8fe5a983a41ca658

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
fa21c81a01e1a968da74e81268a11970

SHA1
86e348228899ede558cba8e67aebceb3d178b9ea

SHA256
fdaa31cb6f24b93a23225bde6ee800830e4b48d3cf5b825574ce7066b45793bf

SHA512
04cb2eca190bfcfba6093c29623724a559814ef400fb2b455f10d8dd963d1c5abbd1e451985c3ebdf5e671eccc7f305ef38525e5961a7776c3905b62921c6940

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_fortnite.gg_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
15KB

MD5
6ac249f6666cc159381fa9e70405303b

SHA1
990bf97f7cd06c18e349aa4980f87a10ec99b7e9

SHA256
e21013a68fcc549d38937f61589fef3a077e4f4d9cd7fe3773bf2615ed881d32

SHA512
b92043b83ee087d8d4efa7f7dcf7e9fc14f00b578bcd29860adf18d43786480a716e4c722d69ac41c559c721f551510b95f0bcb6d0c21456948c4f79b1f0d01d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
20KB

MD5
1ac2ef27ae2ef38d7e56e33763b2627e

SHA1
a0df4d496fc4b1b55eef6aa3b44d825ffc66e83f

SHA256
5ca80c288278ae767ec528f96511b7f354d9eff003b428db44616a50d5882e04

SHA512
cd7f129176245d5f1d3d3400fe0bd9d1c0c32c1957dca2eb5be3cb9301b82cadea54d7249408175dbe14e6d94d4c85dcc67c41e88b9695fd4b2645954c4f5830

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
13KB

MD5
fbbf436fac0d16abafcecaa5895b9dce

SHA1
7b537e722bdf97a4b37c15f4169eafa96e7b16cc

SHA256
63ab2b5408d9e071e9dfadd8638f3323a961f50dba0e6649a5b39f9894c99c00

SHA512
8a1ee1357da509bd6195bf0327dd44825f6f7c0f4aea096b895f2e9f16a5bb6b90e66bf54c82296cd74288221c7746a53818f2369828ad002007c8c15edd77ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
18KB

MD5
c8e687d830c7215e8929be9bf0bd671a

SHA1
7793852b1abe6a02941bdbc6659c77a8293705db

SHA256
aaeb9fe9391fdf9485a6ed170d6d979c21d8881b6ce6afb39f7185ba00e06a3f

SHA512
f3fdc97696b44174df399bd23bd721b609e61ebb1e9467d1c819d5b1a6f5a0b1edca91e303330be322fe72e24f7af51d60b9415d3e644e56c110413e51d54b52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
18KB

MD5
8c3d31076fa0c0910cb1ba022798f089

SHA1
e18c8c9ab53f31aefad94dfb071bebc1e72ac28d

SHA256
1e8431b545ba8bb56fa8fbb7083119d4d830c0f817251700348da2624a77decd

SHA512
306bdf3a3b08b208af57f35af402ccdd1dd6b46ddaefaba6e71e79a517a439d9699dcce7fd3b553fe7ac8968f2726989cf7d428153a37ad968650aa7d36bdec1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
20df7b99ed4b8f1fb1bc21300ba1eb8a

SHA1
1d14779bcb8b0beb3c6ae8946810df08abed7f4b

SHA256
f8cac125d18eef7752574f2d3c7c621eca84f98775b8e5a2509cd2e1b8d928d1

SHA512
e390779b30fc8842485dff212f2876b8c680294a2b4c5a84823bf1c2d6c528f687eb3c976795e0e9b7379552178afff83b7a48d9f9ab54eea65c6d0c42ccc52c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
53fc563b21b340d2955c9104d9580648

SHA1
4f05d8c61920e59f2e03d71b60da56d1ffcccd19

SHA256
e5273292adc63c2938edabb22793cb69821652e50d3a4703657cc16a2f204f44

SHA512
a2a08031d74027e71fcea13a38b69b8ff7be45fdac6467134c89681bd67695744e94eb2ea6d655ee212b4159fa12d4fd30144b727fc8b06f2f4f67776af98dc4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
13KB

MD5
c6a2e8bc3c0d133b94470e5441dce45f

SHA1
ec94a7fdf09a5d91c0e0dab654bf29ec2fedc5e7

SHA256
a279271c36a8ec62f37bc6ec832621733877475e30d10273161a81c4731837c5

SHA512
45cec3a7a5aeae0146c3800a6fe5fc201b6d369fd907086949434417e1aa46180c14708e686107ef73ef1eb0f7c60e3d3d8d06759ff651f935a0c40d426a5326

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

Filesize
5KB

MD5
e02f8b5723a120bb3eb1f7a2dceb7435

SHA1
128f98512f015ce259af8bd6ece2271e8e519963

SHA256
192c77ed184f893ddd4027fa6c21b9b029cd664c808bf472707d710d20bfc8cb

SHA512
13e5cb70535a6982d7ec78dd8eb5317045890b227b22d6af5c5f2a11b459765474704d50f143a2762aa604beef5770838aa4393dda1e72c1fb200a2e4d301104

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

Filesize
2KB

MD5
741daa3b2a36debc9609e36ee039dba7

SHA1
4a5a344b6e7da5fbf8ba47e38d3db0d7a828c577

SHA256
d7824fa72b1cc08a7beb77a23e698e6015274aff593b525ac2d9336a03fef441

SHA512
a4a00e7e2568beab15095087833d43c27f0631e9b18cb664b312473b54fbe6c1c3cf8c6613e27018fa664e0fee1da5e1ee963e7a0b0a46fa5c150d7e4661334e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
1cf2fc5f2db5bd00447b60440d80a9a7

SHA1
cf32c526b65dfd9baca0728b57c6227a9a57778e

SHA256
1b42f049c26eafb254250272f681498559cbbd2041aa0fbda9012a5bdc40292d

SHA512
cea646c42111ce95bec888e3d2d5fa5d0b99aeaee9411f628bd6e89ddb499a0ed6e97172699108efb45e1724f8d61763039ae487861d0f9a72697953879f6d50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57ed5d.TMP

Filesize
48B

MD5
372f973ccae72631c1fae2a3a3d44428

SHA1
8d750f0d1f2833569c8c3326150e778c80c13f23

SHA256
69fc7f7d7b90e707c7f9ea913d1ad3cc64f7ab5aee7f5c83bfbab55f1802ba37

SHA512
c0a49682b41300d30270f4911353ecec560d674aa45d6de04b12eaa003b41dbb04b8b0396e43d66904bd4eef15dbd1251fa7b543e7a5abf5c2e1fd0d3217be66

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
bc68b4e92d640baac120114ea7120b51

SHA1
cb309b79a33c6d0122c8a8ae88fb2e858c7d003a

SHA256
df942e110c0f592b47d243cff7ed9f26cb631f3a7e89facd262f53a6a4698228

SHA512
293aeef52fabc05c5ff49605c74279f1fd74d74108d233eb036f9d8d0d485f7b9c087384762adaf8a2091369f8a5b33cd898168002c4d7ec9bd433821ddbc4d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
76c96d309a5a1af25f7d2d7e5ae4c10d

SHA1
6f23125c8353cde1709f2517ea6dd1eac0483916

SHA256
002e8a6bc9af10673f1159e2b2f7b2b16880dd7fcf316ae4e89ea003231d648b

SHA512
dc7effc545d49ea2531b118c558c0f9aa25f9cd163747e1573179586ff7ecfc473e532d773b4298006e831d4a1fd9d903d22835da7f91ba3bf7a0d6f963103ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
f659e787d6c86633ac5a73d1aa12f57a

SHA1
a661e35f092d86b558e9e3038399aecdc99416e1

SHA256
e7041d8111b72d8327cdfd96841ce2e16e80e2e5026222a513e79f66b0aa4583

SHA512
c2582b19a620df81ff59d275a671e6600a643fdd15b2e43d51f1ffc70f9aa721ada391cfb458cea9f0ac6edf405e707ea1d545be44f185fb4930cce2a59d793b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
f5f5952fd65677c6e57af541ae57d32a

SHA1
7df378275ffc2790d8bf481b27d9f47def07e26f

SHA256
e4f9af31342c07432198bb5d1f8b1ae9e0e6b28ff5871bdf9b5d2c100ad29d0e

SHA512
23470d9d5e976fb40b2a599e7e6bd32127da50f8c8deabfb4783a73030e785b7623d7b745f9fcbe4fed691d2e260b427c4d7ea7578379f5c4a9465bb0734a58d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
ec981410ac380e995348747dec5c3f56

SHA1
d875424fc3288de67a8a200bf1ebb576570f5493

SHA256
363123990f53c8ad9410559b4ae04353795f757026cdfeb05df5f57c60777fc8

SHA512
9910e16b446cb945da7d5e8f9c3648f2c5d9325aa4ca9e4fc5334234f25a61e8fde473798c0bcec24a1036222656d0bffaa6e5128650c234e5dce39f7e087195

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
336108506f4bd9f81062a7343d018dc5

SHA1
5db268d5da668b27c11286f85d3eea6dc2c62713

SHA256
11dc2286cff378e16d94de7841102794c39a43d13749591bbe1e6fefa2b6ec99

SHA512
45f03fcd76789256a5c5f19f13b56afca2153483467068f675217a4ecc3b4388fb5e07ea36a0e5624e746e4532ea81896208cd3dd1c6cd4511f97d6046120755

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
ab8b6686431b35c2178337a5e0467241

SHA1
3602abccd59bb6e173ccefa84f114c57eb63f810

SHA256
192fe30e482b0877e1d95be79952688b4b145865d1b72af921f48f3088b536c1

SHA512
3ff47db79500698c8ddc0ae82ecec50d311a0eb1514538670267eff2bdf5a3b0e431ab6810f373d6f1343e58cae87b3facfdadb307efc321b92ac5e867e989cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
e83f230ad4aa9a56397e95c280918d6e

SHA1
e15ba69d94366acceb051bdd95b561f180cbe7ad

SHA256
6eed5a58dc4ac6d794d185387dafda1b9e4a1c79565d00fbab5e5ca2b2494bbe

SHA512
c75dc4d9e8bcf1ec063c7bb2f3023c8e1c9d132a0e9a4d11d4f9684f19f20fd75306ccfe00f8223e2ab899c1ec8ea9067482bb0bec016f9cc34ba8feca977c1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
81ecc9a711f2ce4e36120a7cb714e14d

SHA1
d69e93b8b50044ab46869582359c9e042cdb0b9f

SHA256
4abfa8d8032bef6ec38ded78660b69f743dd4b1e35b4cb419547b7e25b484d49

SHA512
8d35078e08417eed1fd69fbd2a78b663e7fb30c3285bc0071b5edcf59d162f0ecaa1a253bbfb4ea9d415ccc693773f086b7fbe1584ba1dee9f69a790441ebfb2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
603aba60b8d0e9e44bf736f615559ebd

SHA1
a2c6903fb7ef735d5a1e92869481cb94834dcbdd

SHA256
23552bfedae813c0646bf9c178187598ec4f56c3638f6a6806a2e79c43e93212

SHA512
d9a223f341aee2ecc6b2dc4902b587a577d392ea4c85831db7be60ac68fe8f56bb0b76a3b058262871ff2c318af96770bc8a2701f079def78a0d13e4a4260506

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
fbaf0f519226f8068bd518f7aa42f992

SHA1
b1715e3831be859c24739ee47883a9c4c32cd399

SHA256
2a87d66ea5471caae8c1dd202e6d949e34afe3dee4b594d1fb7ed184bca2ff45

SHA512
f06566cb266e9a14324bb5360b930df3e19e0fa8700ca83d9544ea0692b087320d7e20cf0772fd6ea6d4c9088466a61f7738ed77775a243b7c68ebc9b327035e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
5ffc529b71451c566cfd69cc47f8c01e

SHA1
abeceb205eb4c00eec69990dcdbaffaa82f4049b

SHA256
c90004bb3efc838e967d6e0f1b6ad9189f1a70f2201b849ecca1566c119f3623

SHA512
2e89348a42853beb3a6ceeec42fbe120d0983416b58a935fc6befbd6ec27ae03376363a537c6528a67895729a820d85626ff178c15671eaf7f0f49c358f02099

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
c2e18e991f8acf0699418e85eb9ad26d

SHA1
ae7bbb34338b712aa8f1f5b87bef3c8f00d54fae

SHA256
eb4d64ef7c4d5b6d78cb286c5dd35959878ef9f771213ee16fbec943666fc278

SHA512
f9571fc1f664cf1bf95c17dd615051ca38b4a6bdca219b7b621016edb2b19354d17551883b2484c5a36b03c92b0274997b7a53428623075d1c24c28c6d492589

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
db6e460e55b4f5574fd90dc0cb3f8308

SHA1
261cf8ac03b1c185bf35ab240b4a5bf282ede0d6

SHA256
8ac94fcc5600d723d5b31d25120716188e0903f91f61c1806cf940fa104f359e

SHA512
e2135d849f4f77e305144816be21d9ef58725a020acfa5c8c315da35f457197b0f5985003e9a54709197db9cf4e1278e0fdb9a5b36607fcb8b5fb2f2707d5525

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
ebe0be04444ddbebfb5153603058c05a

SHA1
0cfc798b0f3a7d1d57937598607a9d5e56b64a87

SHA256
aba7557dddb724a85d25f3286c30dbc545fa39aeab956779ceed9b90ffa8da01

SHA512
00555c3901f892aeebcd1013885076e18ab0e42cb231d9688be949e8de9eccb36042a5fd8cca4d9d637a46290afea20d3afc0789c62a8e7c659f2e8da3e2c520

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
5872d6d2cd5e7f593dd8dfdbb6e8824c

SHA1
6ee9b71c3e1fa92012940cefbd132bbc42686f15

SHA256
2c222984dd3e0653fbec2b0f7ad7e4a2b4e25b8441de7422d6847f4052fb5577

SHA512
5812d044b05651799285ab40a675f59a5695ba24698fdcb93c342370062bdbf0a39176559b3369b5b77573f8f17edebb3796bbc1bbb1662186b2fb448fa53def

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
54cab94d76e5d92fedfb54c0d2cd0932

SHA1
6adba90d28fb3e8fb7e58e9ef59d53523f2b6d7a

SHA256
dc582be3c6fae31fbd4bcbc73a560d3e4e80df9a1c6cf7015356430d51a47c94

SHA512
5b0980dfb2ffc346e68331e298fdffb69b7cb3776d52bc5509439fe19f8fbf1a743370804373bbeb648e40bff033619b9d9ea3d296b1cf12b03b2722a3c58dd1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
7002314d9ddeb96e0f9083a7a753ef5a

SHA1
747d21769a52cceccb962eab602c884b5caa1493

SHA256
9d5e3f2b139ddd34d47d47b6c6e6426f7f3dbd5875f4a20e261a019997e27f21

SHA512
1e3516a50f5b5573d4ca14b29cb7fcf0ce23908e7e3bdc67afce52857badd7a26daa2c8bf72d2efabec307f58028694c8acb96fbd78c85cc7b30124335ff9d0a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
8b0c0d6c2879b8626100d5eeceb6d203

SHA1
e3a3c414b212674a74a8bc23e5244110fc9b2bfa

SHA256
4670802dec4ac22a2ddb5ae2256bbe2b9f4cff3a9c369f554ee8bae9920fe9f2

SHA512
4c1bd82c557ea46548b07a23cb667cc8c57329ce4e3de67abb727d466bd03f340669255481ef66519ffb8f0502667aa1b760d067c420b1d3016b8cda3d7a4814

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
a77d1135bc1e9a095247bf53e50d52b8

SHA1
ce97c506fea874ed27f049bea6b023cd39af5958

SHA256
d514909853fadaeb8528340dcec121059f3885ab18246b378f2b6870f603a84c

SHA512
81212b892624d8c706b6d3b0448f6ad85654df24c2ea21ff683df6b893db4997cfa0411b556d80d62ec5f3be9e5748898159bc0f431dda9a3d855b55f30b7352

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
88f7ad505ae35f9b7ac809640866cdea

SHA1
dbb418aa8501ba81ba0c7e911d269929a9dd5c1f

SHA256
23d2fc3c936f8e651d6b5e17f1f1f39fdd3ebf384d06f0b2a66cccf345314a82

SHA512
e2523368fd3341bc5ec038a79007bd1912894d1d6e1b56b47d9c8c8beb94019d9f66f8a171bcc1a3b6ef4b2e91ecb47346359a35bbc36266da14e13bc0ba193b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
cf1caca67889daf793bc8e327b8597b7

SHA1
04ca8ec9ccf1efb476d77e68cfb5635c51e3955b

SHA256
9081891074c36abd7801f2c8bce4d04bbed5ad005e77612d61c63ce03f914dd8

SHA512
6ebbf3d3e5de8232866876434c303a0fe3eed64340f705ec9ba93c205fad13571a039fdff6ece44678c2309ad0c017ebeb58b12eea832865cbc2c10462785f5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
b56d2714925c2e7522c881c5cd4f5725

SHA1
c977e1396cc8eff8d884ae206c623e359f806fc4

SHA256
53a02cb54e23e86d1aea720d915f3dc06e49734881febe3180987bc9ab918774

SHA512
be889d30f21bad1d7c11d4b80027fc4943d4c6fd80c6319539f0ae1d8c5f371ac60eb8d14f122701ffc76281202d42810ef8e2a25db57d20e664b4892790bde7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
0945f355cbae1d127b439fa73338add1

SHA1
ee22de2ba724a6b98aeaaf900cee4a7526bf3d09

SHA256
a883a9af13f567c5e9c23a0cd9fa9a5b9a404f39758796012a4a5a9e6afddda6

SHA512
9f045a25bd34c05ffdfa8527a198ed7bd48d4c427d98ddbcdd3754298001276c4f37de93196b04adc5ea6a7466838ed64a6b5aa357435f2d8e96fc0b55f6a7dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
5a1b7a89b14f970e2b7870de9cb4d272

SHA1
bf68f3b9da66458edd905e3e361e43d85a9c5e9c

SHA256
f23159f70c18405cff5668f5ccef672562a6832afb20ddbf9a43cb1cafb74de5

SHA512
e371d8393aab991339666cbf4e01bb4b6f8a1ed8a970e116f7478c085badeeee687ffd78606792c0b680efb7c66feb4f656079c22b1308532ea8f0973b0bf986

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
31af45ba3aef8c1cb9d6b825ae3fa7e0

SHA1
2a17e273b214f39dd0c6d231fe2833acd15a5471

SHA256
97a6f791f1348157475de48d5ddb1171659ee5dd3e827396175888ba71439292

SHA512
6afcdc4de630d322bc33c47dd1ab0ca68c1b9ce8e354219dfed91a567c3b81db2e4de9c87d263669d78c0be673dbd1d44decc5352d760cc5f54e575738059f60

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
4102bd40e5e7ff7a4eb5caf9846bed6a

SHA1
b49f3dab2d99f2d8a6f9a93bfb11cf81f9ad7af1

SHA256
77d4174e5001a57a6562d9830e9d2d2088c0be69e604a83d40b4364a0a2a2f80

SHA512
950359e7080ed7c00c23df1dcc16ef76e36290082381bbf6fccb44af5cb5afbe7c384e4573870adce3ec67c49bbf7c85f539717fff16f28efd2fb03596a4c1c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
17cc0792a4f31da89d9754eccec706aa

SHA1
1667235265aaf51d904cbb01b163430c3e1d434c

SHA256
79ccfeef7ad00c0f70fb4a0d198d5fab32e1c62760e12d2f66acae4f4a49c015

SHA512
85d1cecb7ddfec002e6cdd88bad3d29efd88659ace0ba373deb584c64e448b0772415dd80010fbd07ac3d7c7b8a94865fd8008cd1bd1a3d46b212256e67d382b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
1815610817879160b3a6eaf762fe8e71

SHA1
ff9264457f305aea20d98717f98f8ccf141c2ad7

SHA256
e39124f014954effb9366ccfee150ab5a36be41afea7f69cf16422aed19a0087

SHA512
3d0718343f871f519f2a79d29ef4089d8e07d60e1cf056021873648ec492a612a0898b08b9356535931907dbea770d3279b81aaa119de68b0e6e92dde9bc6afd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
3a90612c80dbd7857159cdeda1fd4aba

SHA1
c8ad475280430aff9f35f5d3bd42e1677d2983be

SHA256
8f6bf95e54ff501648cb91e251cbd744c29bccbd00e84d2fe00d447023b11a92

SHA512
c4f7e42e1421f9fafc6511385b328586cea5e13279022af1c7106644d597482123ca944191abcbc6ada533e311e4aa1f59db21720b3d223b3ff207c0c8bfaab4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57edfa.TMP

Filesize
2KB

MD5
c4f3d08a40d0bdf0e811abc3669e5d6a

SHA1
b55bf25f6e58690b1497c1f2d569b0de9c50a2f0

SHA256
b07f54bb2dca7c0e4766ad7a3ef277fda4914d8f11781c77a63c0113a02b1c30

SHA512
ac881eba0ae3aff1f9aa7bf89d45ebf1d9a9c323f09963e0d68953a34981c25f4ade7d08b06786bd785dfc94bc3917c5f55d8e6bfa52291be994ab4ac28cbda7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
a5525decafeeaa7dbb8bd926de739433

SHA1
b1c116c84bcf3a4316c01b33bb422b39dca5ff99

SHA256
25928d22dcce9ebd40df9a885432ec2e62c9cf1188e129d9f8a18cb89a5670ab

SHA512
fc6a646e479001581dc2ed349dd09e335fd2b15d45417b6871d12d036f31dc038882563bc3328757413ccef5d75a5a31a2e810a265dc1ee5d0cfb64cfcc2f7a8

Download Submit