Overview

overview

8

Static

static

1

dl.html

windows11-21h2-x64

8

Analysis

  • max time kernel
    321s
  • max time network
    328s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    17/10/2024, 13:12

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    dl.html

  • Size

    8KB

  • MD5

    21397feba71c77e2351439570573f73b

  • SHA1

    160902ce5caca5cc3dafe57e07343b617375a7d1

  • SHA256

    51567715fb3262c410e6f24bde9950f30bef638c42734d43152bc144431ffba6

  • SHA512

    b4e9495f92d461caed44044beb3e4a2542bf44f183f98e86ce5a6789d4b6cabc070ecc16c8b3025b97c72597cbfc424a436afd78ce4ab5510053ad48831cb0d4

  • SSDEEP

    192:PN2x2B4TSj0SUXqWVYQCnGFQlxn2/YXPjLSyfhPnoE006y2ShN:AxYVWSSg2YFoEtrN

Score
8/10
defense_evasiondiscovery

Malware Config

Signatures

  • Downloads MZ/PE file
  • Executes dropped EXE 2 IoCs
  • Loads dropped DLL 1 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 1 IoCs
  • Suspicious use of NtCreateThreadExHideFromDebugger 1 IoCs
  • Suspicious use of NtSetInformationThreadHideFromDebugger 18 IoCs
  • Subvert Trust Controls: Mark-of-the-Web Bypass 1 TTPs 1 IoCs

    When files are downloaded from the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier with a specific value known as the MOTW.

    defense_evasion
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 64 IoCs
  • NTFS ADS 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 18 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 34 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 14 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\dl.html
    1⤵
    • Enumerates system info in registry
    • Modifies registry class
    • NTFS ADS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:5028
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffbef0e3cb8,0x7ffbef0e3cc8,0x7ffbef0e3cd8
      2⤵
        PID:3936
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1924 /prefetch:2
        2⤵
          PID:3248
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:3848
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2624 /prefetch:8
          2⤵
            PID:956
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3136 /prefetch:1
            2⤵
              PID:2724
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3144 /prefetch:1
              2⤵
                PID:5100
              • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4828 /prefetch:8
                2⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:1668
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4528 /prefetch:1
                2⤵
                  PID:2668
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
                  2⤵
                    PID:864
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:336
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
                    2⤵
                      PID:3088
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3132 /prefetch:1
                      2⤵
                        PID:3308
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
                        2⤵
                          PID:1520
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
                          2⤵
                            PID:4176
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1
                            2⤵
                              PID:3364
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
                              2⤵
                                PID:3076
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1
                                2⤵
                                  PID:1968
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
                                  2⤵
                                    PID:1212
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3804 /prefetch:1
                                    2⤵
                                      PID:4536
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5608 /prefetch:8
                                      2⤵
                                        PID:1112
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1
                                        2⤵
                                          PID:1596
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
                                          2⤵
                                            PID:3336
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
                                            2⤵
                                              PID:3340
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1
                                              2⤵
                                                PID:4160
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1
                                                2⤵
                                                  PID:960
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6024 /prefetch:1
                                                  2⤵
                                                    PID:1836
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5956 /prefetch:8
                                                    2⤵
                                                      PID:1116
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5428 /prefetch:2
                                                      2⤵
                                                      • Suspicious behavior: EnumeratesProcesses
                                                      PID:1624
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6360 /prefetch:1
                                                      2⤵
                                                        PID:2752
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6852 /prefetch:1
                                                        2⤵
                                                          PID:1152
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7252 /prefetch:8
                                                          2⤵
                                                            PID:2232
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6216 /prefetch:8
                                                            2⤵
                                                              PID:4248
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7104 /prefetch:1
                                                              2⤵
                                                                PID:4992
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7048 /prefetch:1
                                                                2⤵
                                                                  PID:2328
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
                                                                  2⤵
                                                                    PID:2452
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7628 /prefetch:1
                                                                    2⤵
                                                                      PID:3048
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7596 /prefetch:1
                                                                      2⤵
                                                                        PID:3336
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1
                                                                        2⤵
                                                                          PID:1916
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7484 /prefetch:1
                                                                          2⤵
                                                                            PID:4820
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1
                                                                            2⤵
                                                                              PID:4652
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6592 /prefetch:1
                                                                              2⤵
                                                                                PID:2720
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8156 /prefetch:1
                                                                                2⤵
                                                                                  PID:3900
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3136 /prefetch:8
                                                                                  2⤵
                                                                                    PID:3564
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
                                                                                    2⤵
                                                                                      PID:3044
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7892 /prefetch:8
                                                                                      2⤵
                                                                                      • Modifies registry class
                                                                                      • Suspicious behavior: EnumeratesProcesses
                                                                                      • Suspicious use of SetWindowsHookEx
                                                                                      PID:3824
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8148 /prefetch:1
                                                                                      2⤵
                                                                                        PID:408
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3276 /prefetch:8
                                                                                        2⤵
                                                                                        • Subvert Trust Controls: Mark-of-the-Web Bypass
                                                                                        • NTFS ADS
                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                        PID:1576
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,2808225454693877323,15284093730163749879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4556 /prefetch:1
                                                                                        2⤵
                                                                                          PID:3260
                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                        1⤵
                                                                                          PID:5068
                                                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                          1⤵
                                                                                            PID:920
                                                                                          • C:\Windows\system32\AUDIODG.EXE
                                                                                            C:\Windows\system32\AUDIODG.EXE 0x00000000000004E8 0x00000000000004D4
                                                                                            1⤵
                                                                                              PID:3036
                                                                                            • C:\Windows\System32\rundll32.exe
                                                                                              C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                                              1⤵
                                                                                                PID:2520
                                                                                              • C:\Users\Admin\Downloads\Bloxstrap-v2.8.0.exe
                                                                                                "C:\Users\Admin\Downloads\Bloxstrap-v2.8.0.exe"
                                                                                                1⤵
                                                                                                • Executes dropped EXE
                                                                                                • Modifies registry class
                                                                                                • NTFS ADS
                                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                                • Suspicious use of AdjustPrivilegeToken
                                                                                                PID:436
                                                                                                • C:\Users\Admin\AppData\Local\Bloxstrap\Roblox\Player\RobloxPlayerBeta.exe
                                                                                                  "C:\Users\Admin\AppData\Local\Bloxstrap\Roblox\Player\RobloxPlayerBeta.exe" -isInstallerLaunch
                                                                                                  2⤵
                                                                                                  • Executes dropped EXE
                                                                                                  • Loads dropped DLL
                                                                                                  • Suspicious use of NtCreateThreadExHideFromDebugger
                                                                                                  • Suspicious use of NtSetInformationThreadHideFromDebugger
                                                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                                                  • Suspicious use of UnmapMainImage
                                                                                                  PID:2372
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/bloxstraplabs/bloxstrap/wiki/Roblox-crashes-or-does-not-launch
                                                                                                  2⤵
                                                                                                    PID:4972
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffbef0e3cb8,0x7ffbef0e3cc8,0x7ffbef0e3cd8
                                                                                                      3⤵
                                                                                                        PID:1544

                                                                                                  Network

                                                                                                        MITRE ATT&CK Enterprise v15

                                                                                                        Replay Monitor

                                                                                                        Loading Replay Monitor...

                                                                                                        Downloads

                                                                                                        • C:\Users\Admin\AppData\Local\Bloxstrap\Roblox\Player\RobloxPlayerBeta.dll
                                                                                                          Filesize

                                                                                                          15.5MB

                                                                                                          MD5

                                                                                                          d46b2f2192d257d0748b782ea933fde3

                                                                                                          SHA1

                                                                                                          b4f2d13f9060bf18c4ce50378e3037c547b2d09f

                                                                                                          SHA256

                                                                                                          71f04e4e12ac43722f69b3bba360ff7c3121f54e67d14a0a6d67f7d51b768480

                                                                                                          SHA512

                                                                                                          1e747e8df8ad2c433f56d51f632af32ad7683ce070764c54a8aefcc3953360a8721c92b642090ab28643db234db66cd5f9726b24f58f69c7a268f9b47414559c

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                          Filesize

                                                                                                          152B

                                                                                                          MD5

                                                                                                          4c1a24fa898d2a98b540b20272c8e47b

                                                                                                          SHA1

                                                                                                          3218bff9ce95b52842fa1b8bd00be073177141ef

                                                                                                          SHA256

                                                                                                          bbcc378fcbf64580e7a48b4e7ca9be57fa0a1f2e747f488325685bdb18d73a95

                                                                                                          SHA512

                                                                                                          e61f196e7f1c9a5fe249abe9b11eea770fb2f4babc61f60b12c71f43e6fe9354cf14869daf46abc2c2655bce180252acd43c10562a2dcd31fa7d90d33253820e

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                          Filesize

                                                                                                          152B

                                                                                                          MD5

                                                                                                          f1d2c7fd2ca29bb77a5da2d1847fbb92

                                                                                                          SHA1

                                                                                                          840de2cf36c22ba10ac96f90890b6a12a56526c6

                                                                                                          SHA256

                                                                                                          58d0f80310f4a84f687c5ce0adaa982eb42fe4480510399fa2ae975d40bb8bc5

                                                                                                          SHA512

                                                                                                          ede1fafea2404f16948fe0b5ea5161ccee3ee6e40c55ff98c337eac981a6776b9c73dc030a5c59e4347aec91259f497539206e71949c33adcecbf2c846709e14

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
                                                                                                          Filesize

                                                                                                          21KB

                                                                                                          MD5

                                                                                                          da93aa5083d4a8a231142493c28fdae3

                                                                                                          SHA1

                                                                                                          7ec3646cb8219a1e3f4d2bfb9b80343ad4ad0fde

                                                                                                          SHA256

                                                                                                          f953d546d5c0159ed38fb748e442276e47958eb0f95f29c6af82b7e31e3667ff

                                                                                                          SHA512

                                                                                                          4af42d49043a6d8d193ed491a66999fa5d57942b6d1ceea33574eaabd53bb7cf86573980ee9c4aac98b3e039011634c2450041343872de503661416cad2616f4

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016
                                                                                                          Filesize

                                                                                                          20KB

                                                                                                          MD5

                                                                                                          2fe7405a4420e49de7f164b53638538e

                                                                                                          SHA1

                                                                                                          639a77f012d78abd40785cac617736e29c0892ff

                                                                                                          SHA256

                                                                                                          d9dfcf2fdc9e7c77559a573501799398adbd7a5e91701e73c35df027350102e6

                                                                                                          SHA512

                                                                                                          9edc1d10e6abaf24aa41a3fc34e31918b8fc088433ef454ac304a43da23fb78ae302d72158015c02f4090f784adb04a32a9a0ac3231440cb660d92423a0baa77

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021
                                                                                                          Filesize

                                                                                                          47KB

                                                                                                          MD5

                                                                                                          ce4e5c25b47a3a5ec81c297c76e59154

                                                                                                          SHA1

                                                                                                          d59e5da0591aa79a923e2e13bd1417e55f15b147

                                                                                                          SHA256

                                                                                                          c07bd274d99f591651cf26d5db863a40a8112d8d32bce11709052c43006ebf09

                                                                                                          SHA512

                                                                                                          648e772634d6c592a6b2ad80e9c0e804868c19f08188d2f9da3c44df18def645a6a59c413c813b59d2a6c6bc12f779667b52742a23607980611da0fe065286bc

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
                                                                                                          Filesize

                                                                                                          70KB

                                                                                                          MD5

                                                                                                          4308671e9d218f479c8810d2c04ea6c6

                                                                                                          SHA1

                                                                                                          dd3686818bc62f93c6ab0190ed611031f97fdfcf

                                                                                                          SHA256

                                                                                                          5addbdd4fe74ff8afc4ca92f35eb60778af623e4f8b5911323ab58a9beed6a9a

                                                                                                          SHA512

                                                                                                          5936b6465140968acb7ad7f7486c50980081482766002c35d493f0bdd1cc648712eebf30225b6b7e29f6f3123458451d71e62d9328f7e0d9889028bff66e2ad2

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
                                                                                                          Filesize

                                                                                                          62KB

                                                                                                          MD5

                                                                                                          c3c0eb5e044497577bec91b5970f6d30

                                                                                                          SHA1

                                                                                                          d833f81cf21f68d43ba64a6c28892945adc317a6

                                                                                                          SHA256

                                                                                                          eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb

                                                                                                          SHA512

                                                                                                          83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024
                                                                                                          Filesize

                                                                                                          19KB

                                                                                                          MD5

                                                                                                          76a3f1e9a452564e0f8dce6c0ee111e8

                                                                                                          SHA1

                                                                                                          11c3d925cbc1a52d53584fd8606f8f713aa59114

                                                                                                          SHA256

                                                                                                          381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c

                                                                                                          SHA512

                                                                                                          a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025
                                                                                                          Filesize

                                                                                                          63KB

                                                                                                          MD5

                                                                                                          710d7637cc7e21b62fd3efe6aba1fd27

                                                                                                          SHA1

                                                                                                          8645d6b137064c7b38e10c736724e17787db6cf3

                                                                                                          SHA256

                                                                                                          c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b

                                                                                                          SHA512

                                                                                                          19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027
                                                                                                          Filesize

                                                                                                          27KB

                                                                                                          MD5

                                                                                                          d8ad625c3b6ebf71c6081a85f887e6bb

                                                                                                          SHA1

                                                                                                          379f10b8da67d19ab8ad932639a7afd4975c964b

                                                                                                          SHA256

                                                                                                          aff84929e57c1898ad3441f3fc7f850d903641cff756ac5a86baaefb33145db3

                                                                                                          SHA512

                                                                                                          41c690dffac3a8dd4cb07e61947fc8a0d966d46c6f1993c6cc3156dc89f34dcd0b1378e6afd60ec57859c27dd01149655cecd642becfb2bc986f351f7998a271

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036
                                                                                                          Filesize

                                                                                                          63KB

                                                                                                          MD5

                                                                                                          b3e330d9a2b44afad2d4477512409c60

                                                                                                          SHA1

                                                                                                          2fc7353393e223b7f43479c4d5f5a7d6930d9fee

                                                                                                          SHA256

                                                                                                          fc555d8b3345e678e51772bbf483649c792e98f68d12a66acb75a8416041c2a2

                                                                                                          SHA512

                                                                                                          74d32e2b0d0efd8f91ad0fd09181651323bd7c1222c7f6af9d199caea633695d8fc806d484e9dadbde414d5d8e0d1ede98845c01fb8a83c3c164f340cce45098

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b
                                                                                                          Filesize

                                                                                                          20KB

                                                                                                          MD5

                                                                                                          63c58662612777fa382947b3f14f8ac4

                                                                                                          SHA1

                                                                                                          b0d7ff86472ff49a50a563c129dface063e0897d

                                                                                                          SHA256

                                                                                                          25ea4362789685ac932a8bb218c53f5db717f75db8230b0c568c5ec7e64eb3ca

                                                                                                          SHA512

                                                                                                          317834a97ef4ef7d6b14619213fea4fdefa57740176b068f3803d3d0dd6e58aecc6ed58bdff57ed725f2f8a68049de904cdfac40c7ea89480d1e62b07029adf1

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051
                                                                                                          Filesize

                                                                                                          21KB

                                                                                                          MD5

                                                                                                          28cdc682d9e966b670aec014d62596de

                                                                                                          SHA1

                                                                                                          a1ea5def9626e16d6ba279039bde2febd124f533

                                                                                                          SHA256

                                                                                                          eab9faf12200072a23e9ea0ccdbd6f9d2ced22ad3b457a648fc9641662e410dc

                                                                                                          SHA512

                                                                                                          7cdd93ed28d8df7b41fe024364855bf07653a41d21bbce1174e63ec3b355e2d6ee12cd6cf80cd8247c28018cfacde2da174ea774920d9310cd30bd8d56fb1746

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005f
                                                                                                          Filesize

                                                                                                          215KB

                                                                                                          MD5

                                                                                                          1585c4c0ffdb55b2a4fdc0b0f5c317be

                                                                                                          SHA1

                                                                                                          aac0e0f12332063c75c690458b2cfe5acb800d0a

                                                                                                          SHA256

                                                                                                          18a1cfc3b339903a71e6a68791cde83fca626a4c1a22be5cb7755c9f2343e2a5

                                                                                                          SHA512

                                                                                                          7021ed87f0c97edc3a8ff838202fa444841eafcbfa4e00e722b723393a1ac679279aa744e8edde237a05be6060527a0c7e64a36148bd2d1316d5589d78d08e23

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\11d74d5789c33e38_0
                                                                                                          Filesize

                                                                                                          68KB

                                                                                                          MD5

                                                                                                          107845dfd23ad9ca35bdc2e686b64897

                                                                                                          SHA1

                                                                                                          74e002616c5049ecb0729d1387ecf2b2bb8f97ac

                                                                                                          SHA256

                                                                                                          6170a306cea908c114f628c821079c90aed1cc9a206f247e0feac5a68c5ac5f8

                                                                                                          SHA512

                                                                                                          9206d57b1e7154fe6d871cf2737c2f6c761b9b8daa9c2b44741c43f67b868dbad561704bd94c57995bd7253130aab8d36f563d8e511eb98703a5b41e8e38c4b5

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5cc19be5f9cef7b1_0
                                                                                                          Filesize

                                                                                                          54KB

                                                                                                          MD5

                                                                                                          686ee22cd785edf134849e668fa9fe05

                                                                                                          SHA1

                                                                                                          118e2291ae2fc6f6291943c8fb33acdd1488dc3b

                                                                                                          SHA256

                                                                                                          7a5fce3d15d67131cc617fa891b19fa164717a3a7b00b0356d26ad9bbc427b1b

                                                                                                          SHA512

                                                                                                          ca100eb3754d155af63f9417142b80a8d9781f2d786d42e57af03cbc98b1e2bd39a84668c515e112ed631e3a7c470147d5408908f86dff2b041e0938d249a377

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8787f80084fed757_0
                                                                                                          Filesize

                                                                                                          328B

                                                                                                          MD5

                                                                                                          5cafc40e7a990f4ca9d582891d099b0e

                                                                                                          SHA1

                                                                                                          bb7ddff62092fa17f585df9bd0fa0eb55e2ebd02

                                                                                                          SHA256

                                                                                                          1475350580384e047d315850b3a991075825e8d2041e6f803b0f8540af2bdc3e

                                                                                                          SHA512

                                                                                                          14d9ca06c7860e27f99d6777fda806c0ef6af81a258abd7f0105d5bb97fd82299fa66fe47b29b0ce4d729d189afca7521d4dadd4104d3cd2747524b0c9daf807

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                          Filesize

                                                                                                          3KB

                                                                                                          MD5

                                                                                                          5bf8c1f7937292e14eb4bccce1f8c79a

                                                                                                          SHA1

                                                                                                          8c5a7d9951b01fcf1d70c54afa591045b7e230ea

                                                                                                          SHA256

                                                                                                          f02b8774f248925d001297bda2c6128c92ee4e3d8d32b69c64a1ceccab0ec2a9

                                                                                                          SHA512

                                                                                                          91d015687ca819d490953f684732d8f210550246e6fe54f4385b435db34dc084d59c7a0e95600ffb20795f027397218259861d474f1f2b5d60218cadb1642204

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                          Filesize

                                                                                                          4KB

                                                                                                          MD5

                                                                                                          78e07faf66ef8857eb5723de55b3b5f8

                                                                                                          SHA1

                                                                                                          fa447bcd1dcc2ba8cfaa82382c37e4754753293b

                                                                                                          SHA256

                                                                                                          a73dfe977a1971fa121d982d3407c78e0f28e0f030afe644045e95c538a527df

                                                                                                          SHA512

                                                                                                          03e8b2f9768f3db6a749a8e228d5ab5694dc8bf48e50bb077c46fa6d0d4a2494bb8caa168b8ee20d46cf9de7e352951911e6bbbf375ed40633ed31f7d36f8e57

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                          Filesize

                                                                                                          2KB

                                                                                                          MD5

                                                                                                          3842fd42d094b44f58e3791eb8c6fa87

                                                                                                          SHA1

                                                                                                          b26137c5b1f1a72aa7547211a35e8d340904d594

                                                                                                          SHA256

                                                                                                          5b9eddde8d3e03d2e2266fb49386b813eb95ac596b97e82f46525a778a10a87c

                                                                                                          SHA512

                                                                                                          09da8b8042fcdecc64e6b017165185c8b273e42e88c8b2ad7ef3d277db165a0bcfbc44e6f2ac16de9852dbdc94bc24a730c71a79e6d133f1f4ebf97a86878fde

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                          Filesize

                                                                                                          600B

                                                                                                          MD5

                                                                                                          80b945106fb2fe7697e9dccc0dd1d5b4

                                                                                                          SHA1

                                                                                                          d3573815e8895f35015043d6e3a9702293b0bdcf

                                                                                                          SHA256

                                                                                                          9595e2f2480c41a853b336648b0eb6592d5932b1e7360b80cf1e26efe0b3fba4

                                                                                                          SHA512

                                                                                                          1efd8f0ff253c371dcae2f531947b42a418697f188eccad03bffe5143019fbfb9b4b0f833f4e239745bd893ab1507b7a0f4e41833b034d2c8faae72fbbcf2e2d

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                          Filesize

                                                                                                          3KB

                                                                                                          MD5

                                                                                                          a6b844fbcfb271281701be9f274b6952

                                                                                                          SHA1

                                                                                                          229e5e4070909093d4d502caed3a50550f01cc85

                                                                                                          SHA256

                                                                                                          7045673617d9cc7a9048338988ce4fcf8b61c90fe00139e67724e9292c9f5190

                                                                                                          SHA512

                                                                                                          603f00a288ba4a208240c49ffef13b1d403cc32eb6b5cd7aa4f8bbb5ae7394590bfa2fc5e8dc6758d3a03a5c8bb945dc129f61a7169fd088379ea06f6bfc2522

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                          Filesize

                                                                                                          4KB

                                                                                                          MD5

                                                                                                          3ab581ba61a565aaafd5d191a2e5ff5c

                                                                                                          SHA1

                                                                                                          56211b2e95647835c206d5e4759938ab5fddf32a

                                                                                                          SHA256

                                                                                                          5ca883dcd1381058221ab08ae602aa40b8e45c8b9bbbe58309664fd7911814da

                                                                                                          SHA512

                                                                                                          b079cb858682d1cf61955812cc52045d2e7a318d1be390accc6088ad2bfe5582bdfacb3aecbf23c368396ad19e5b7fab9b8facaab31216e79e50f73c8e174b8c

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                          Filesize

                                                                                                          4KB

                                                                                                          MD5

                                                                                                          c61b6439e654d6a459357bf3f8b226f7

                                                                                                          SHA1

                                                                                                          05db6563b47463724b8ab4edc86d4866a1513cb6

                                                                                                          SHA256

                                                                                                          9bd00fda0757fe93d1dd71be25781ed9eb81e0c3c241dd9525113bbc3c521504

                                                                                                          SHA512

                                                                                                          6abd37d2044c48737dca1da135a83626e05dcfe112d90478b9b3b6a8bbf7a37ae00f238e09301d7c74f225e030f3efb6e3c2213d0fb5c55dcfcee20fb9944559

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                          Filesize

                                                                                                          2KB

                                                                                                          MD5

                                                                                                          c2f05e07cc72bce3a9c2d01741015046

                                                                                                          SHA1

                                                                                                          2390d579ac3f5f458886c280957053556079805b

                                                                                                          SHA256

                                                                                                          cd465a7a0f4deb086f6ffa3afcb11f16f39cd81c6e99126b502d8b997444203b

                                                                                                          SHA512

                                                                                                          9777eba3f8a51889629d6dc38b701acb30926e0a5d869b112e4242c441dcdc75255667dabb330d8965f5685f55a2924e24d9e7dc6ecd6125a232b68a37ec11f5

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          5KB

                                                                                                          MD5

                                                                                                          3bd2c886a5a997f15ffb6746475f190f

                                                                                                          SHA1

                                                                                                          79ed400babdcbfb1d24375c2f39592b999b13308

                                                                                                          SHA256

                                                                                                          ac7ee833cbdcc4a1b5132b70a18fbb86401b3b798a6c5eb85a44acfed2544eff

                                                                                                          SHA512

                                                                                                          387143c7080dd6f0d76b05ef3160b25ba66d0914b942678028409957bf502938ea1a566fef277093766af130f5052e068b6e385ca5a170c5b6445bfafd739216

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          8KB

                                                                                                          MD5

                                                                                                          3c22c790de5e521463b3e930f9ff484d

                                                                                                          SHA1

                                                                                                          d1de0a4c2d4e686c635afcad03781f032d66542c

                                                                                                          SHA256

                                                                                                          2029b87c3e9e272bb16cc44672f694851c62507e3e2200c94c934fa6a90ab477

                                                                                                          SHA512

                                                                                                          1d6de9e700010b2f546d592dbdb20a392b22256172ad5b61eaaabe6a92ef028df804c5fe76445d6ffea6c580c5b4b8588ee1dfe61c27a1e0109673de483cd659

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          7KB

                                                                                                          MD5

                                                                                                          cebbf4b61f0c234d64c09f9b0bb7570b

                                                                                                          SHA1

                                                                                                          2710563ade0246a7a6cbdd08bbab508b5bc18f55

                                                                                                          SHA256

                                                                                                          2236f7439597702c8ef4933ed6537e154563db47db53292f9195aaece79c19bd

                                                                                                          SHA512

                                                                                                          73787c8a1d3a30f20ed9372c5ce88a0d97be16815ea3e783707ddae03209e9679f8569dde1607a97e86cab8568221095c4fc674e995c45eccf75b7d3a0889664

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          8KB

                                                                                                          MD5

                                                                                                          ccd396cdde91fd65f20524c14b5327ad

                                                                                                          SHA1

                                                                                                          dc0531ed5e1847e7ad19d3a783ba763c5d6e05b2

                                                                                                          SHA256

                                                                                                          2fc91ef33d5552c75e5e9afb4267afe18421a91724c1627773f022eab268cf9e

                                                                                                          SHA512

                                                                                                          af104da100c2f1219ca0917395077ce54e14682f63c92dec00aa33cfbe47efdc6ab9f98fd95ed62a5da5f689d4ff8c22b779730d99b8faae31acad54405f6275

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          8KB

                                                                                                          MD5

                                                                                                          4948547fe4d584eca947ba1bd9089966

                                                                                                          SHA1

                                                                                                          b4c0b767994186a73f12e0376945155be323113d

                                                                                                          SHA256

                                                                                                          96460c8c5e1d66a7825f8982111e3a4b975f4b4d2aa317af426f8a734cd1021d

                                                                                                          SHA512

                                                                                                          64bb0709fc4e9e40070a3184fa4f79c67baa7526dcd8bdd511147306b3d1c02a2cb12ce91fa9ad628028f8fbf4b7723375dd8b52e0ad2888fcd92a15c17a31c9

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          6KB

                                                                                                          MD5

                                                                                                          afa7cccc7fdf9d622ec4154d00915627

                                                                                                          SHA1

                                                                                                          cea7a1a7b8d0b6e1a7cdef50f6efa94d09464885

                                                                                                          SHA256

                                                                                                          945db1b8939ab344aa084c0a0b20badae20a661030a8d33a848577f7a252965a

                                                                                                          SHA512

                                                                                                          19fa184dc329e18797c6e19474f0fb292b89e3f683b50fd25c995b9e004bb8fcc5d347ecb0f9589da16b8b503074c891a8a949eba0234a0a29ddca75ca718b1a

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          5KB

                                                                                                          MD5

                                                                                                          9c9043cc0de2953968ab98fa4959d163

                                                                                                          SHA1

                                                                                                          a73381d23e0713af4702c5287f7e61bd85ce7e16

                                                                                                          SHA256

                                                                                                          41a578d29880a3eb1ebeab1131ccdde33b0321ceb751382a9388d2fee23adfbc

                                                                                                          SHA512

                                                                                                          9e1a9615b11bd84ab207d486c96a9d3cd05dba823a6ecdacc66ec3ce1be3b2676a010dc73fce74799588f6cadc0b1139aad5cfbf4a1d5ebb7cb20da41960df0a

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          7KB

                                                                                                          MD5

                                                                                                          0e9d321b44c0e5ac481fad80fc324755

                                                                                                          SHA1

                                                                                                          3d445ac4ce3d4ac2f9f3e8950b16fe8b6d9dfb21

                                                                                                          SHA256

                                                                                                          f3d72ff2ee5534b9b5e1c076683abe28a8ab54ab8f556d8f971dbca87f3c735c

                                                                                                          SHA512

                                                                                                          d900b3c355e4ef5f4c7f0c3b60a0b5efb5357ba509b5605369ba847d5f74162cfb39dae79c7dfec9d5dbe3e57d40dbc254c663d6bafb4a672c3c8027d5d8ccf3

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          7KB

                                                                                                          MD5

                                                                                                          fe2de95c1371a323ae4680b5712b03dc

                                                                                                          SHA1

                                                                                                          2ec3639efbf8f6b1c8cff6990c704a01a953e3e3

                                                                                                          SHA256

                                                                                                          c39aebf73353a33c66c7a1b0b2d8bdac8f8a9fe5f2f604a04d8d6827700fd940

                                                                                                          SHA512

                                                                                                          291b2e4f65dfda05c8e180aa4f1bc1bfd7511cb61e58f0ec31d3bf2b10740105f8b326db2f85a1ee29f91280b81ed50ecad47d3fe54ff7010cf980e3611d128f

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          9KB

                                                                                                          MD5

                                                                                                          02e68c069730658ebd69701f38f5bb77

                                                                                                          SHA1

                                                                                                          d50da727b80afceff9559669805562478ff0a1c1

                                                                                                          SHA256

                                                                                                          559597306d6a103339f4a8d6eeb8b6925ea42cb0b205d6ab0e66e25c325a4006

                                                                                                          SHA512

                                                                                                          0a04c117dcdf5a09e2be467bcff53ef15eddece2f3c7bd463e8c103fc79bd4cce8238e0ab6be8825fe597d857573d54e4039607a6b4b8e2330f86b411455b02f

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
                                                                                                          Filesize

                                                                                                          72B

                                                                                                          MD5

                                                                                                          c11e41c2d1b82cb65b9c83a667a7f601

                                                                                                          SHA1

                                                                                                          217a53dbece3ac7c95682f00a3b6215a5eedcbd2

                                                                                                          SHA256

                                                                                                          d367f4be63d3a43cc00755b6328e6ce4664060734e2c4f6f7c4f309718e72c33

                                                                                                          SHA512

                                                                                                          ed30915d31cfc65c0d991e96247774b5e20a57989214aae08f901e1a6b7953e2e7504c708d2d2e3b612667d20d200090d493ecc25fe7a91eef64eee25392831b

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5a4680.TMP
                                                                                                          Filesize

                                                                                                          48B

                                                                                                          MD5

                                                                                                          b981fb519a3282e6b3e791efc1049837

                                                                                                          SHA1

                                                                                                          ef10a05fa079429cad392475d0634d2d7240ba94

                                                                                                          SHA256

                                                                                                          bef25885ddf29e684ce40d1331a0f28a661ecdc6b413815837a3ed21cf85eda5

                                                                                                          SHA512

                                                                                                          8ea96e81757905d8aa6e78b452f161e951aa082c8c32ea27489f8c2042fe9516d2474670d5b214720754896e58320bb1955f3e7d33fb995db923d54d092047af

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                          Filesize

                                                                                                          538B

                                                                                                          MD5

                                                                                                          7f40375e80bfb697876783fcf1beec84

                                                                                                          SHA1

                                                                                                          0fcbbd0967abc67bf57a6ca0ed223f560b6ffba8

                                                                                                          SHA256

                                                                                                          7a69185cdbd1794c3233ba2646a7518d383258c15730031238e114c1b0a28821

                                                                                                          SHA512

                                                                                                          6e0153ef4bd601f0acd1af9d96f58ffa2a5a81d4ed2b6671b43f736ab1455249eb9e31870d6772b9824be86877433b23c1f22c01565ce5b3fda149403832fa87

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                          Filesize

                                                                                                          706B

                                                                                                          MD5

                                                                                                          1fbc805bf2e543a4a76c4b670a5f498d

                                                                                                          SHA1

                                                                                                          e3fd5fe778c63c41e45bf9ac14a0d69a73ca4e94

                                                                                                          SHA256

                                                                                                          aa05ad7fac8dca93913847972cd700e45925acc20fbf6f6290ae5be8074c4484

                                                                                                          SHA512

                                                                                                          8eec4fe81ce663f3dc569588bb7c6eba495dc66b4ebe74308b2fa403c0e64b7dc3094b836987ef325f5c548e13a04857405a59dac3e02f4d6fdbe8b9ab05a68d

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                          Filesize

                                                                                                          1KB

                                                                                                          MD5

                                                                                                          7eccd6c6939ccf1b0875a7ce273173dd

                                                                                                          SHA1

                                                                                                          f723d11b52b34683d4769a5bc75992fe16dbe353

                                                                                                          SHA256

                                                                                                          a825aa15fac24d7615c99c3844a51e0308d5131831a4513f8795598e7244c95d

                                                                                                          SHA512

                                                                                                          795c7499e3ee6e90b773838117e623443d519c9729f8636608a8cd7eb259f26b172300d66904ddcaadca785276d0988c268621a70f61581cbf70d878acb530a6

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                          Filesize

                                                                                                          873B

                                                                                                          MD5

                                                                                                          a05a12f8a1bb69c3499bef1e40258d7c

                                                                                                          SHA1

                                                                                                          fb7d58f4b99304cff5d303942af483b1d748fc53

                                                                                                          SHA256

                                                                                                          d89ac9e72d6b8494b80fb6b93d2e35475fac6d3dc9bbf45b5f46e5509ffe3bed

                                                                                                          SHA512

                                                                                                          cb403e71e8e40b2a8dfbda820d4627d382d9c64f49eb916024864f64ecc2918b3aef64ec0d0ce807b44c87fd2e1df066f7f8f0bd9675454d2518a732d431b3a8

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                          Filesize

                                                                                                          1KB

                                                                                                          MD5

                                                                                                          352c070b203872996bda1ca549a14c50

                                                                                                          SHA1

                                                                                                          68a05b9c203df6f05c1c130203e6bc801f5fdb7d

                                                                                                          SHA256

                                                                                                          414ced9db2040ed9d5a89a86b081d4677073a095bc21032947479dca51d6c334

                                                                                                          SHA512

                                                                                                          31deaef2570b2465f5307ea67ef06a997c24d1339c4a26307fd807245ed1c77b1cb0aa0405fba6413e1c1f2fa70d80e5b458fee319377bdc088b66febcf5958f

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                          Filesize

                                                                                                          706B

                                                                                                          MD5

                                                                                                          9189dfa40370a24e08f415d2375138aa

                                                                                                          SHA1

                                                                                                          dac94f29d33abb11368277d493c685d781584564

                                                                                                          SHA256

                                                                                                          399357a03b9f43419869f90228108d425e53af4232a46438bcf9986b9cb61e63

                                                                                                          SHA512

                                                                                                          68c593bee9bfac79b0c60255b21f1242a8f8ae169dac07ae4b149e607887c8b1b500151061d6812c48c7a0ee5c128ddf20683d554c0924152ebd8c3c8927791f

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                          Filesize

                                                                                                          1KB

                                                                                                          MD5

                                                                                                          425394f0f563bc3653845ebd7d120031

                                                                                                          SHA1

                                                                                                          878ade8d0fa27caa18a99165371d82c2611e308a

                                                                                                          SHA256

                                                                                                          d9b93e02cb5085b0552fd8e35450ab560942099da3493d162b3dcdab3fc8f66f

                                                                                                          SHA512

                                                                                                          c0f2329990cb3a95a13094f958db039c1c965518f9fd5f31d14aa799d1cbd0dd825a63f18f42b25a09d991d31892cc275f187e75401f571fab265b9edd9305a3

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58654d.TMP
                                                                                                          Filesize

                                                                                                          204B

                                                                                                          MD5

                                                                                                          f479f09fec383cb3dcbe311dd890bb5b

                                                                                                          SHA1

                                                                                                          9d3c24214d94ce57091a22b6042b929589b12a51

                                                                                                          SHA256

                                                                                                          b3c31418a28b0324aaaf6afdbc9dee7dcbed974671aeeb965204066f4f1fa371

                                                                                                          SHA512

                                                                                                          944d87c7c545d8668910b139e1d4e0222709e06ebfa9f3351abbb8f987806d93c3a3be38cf44ea127c3bd543e76889c44296cc0253ca68d72f63e18b7b46596e

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                          Filesize

                                                                                                          16B

                                                                                                          MD5

                                                                                                          6752a1d65b201c13b62ea44016eb221f

                                                                                                          SHA1

                                                                                                          58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                          SHA256

                                                                                                          0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                          SHA512

                                                                                                          9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                          Filesize

                                                                                                          11KB

                                                                                                          MD5

                                                                                                          43a807d9438657838145d23623d143e4

                                                                                                          SHA1

                                                                                                          26579f84c3bc99ddfc3958258f2ed546e675bac4

                                                                                                          SHA256

                                                                                                          0d5e7a0134af174b8e90afca0ecdcde6e6806560961031cb84fb4cb6e3b204d5

                                                                                                          SHA512

                                                                                                          fb3e2921fd624cd7058aae6cb003ce35a1b1cf69e276c794e419c394734ed32da2f8aa5e04ed0fd2fe999fb40fab6415136991c80045b974b04d629f80d72937

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                          Filesize

                                                                                                          11KB

                                                                                                          MD5

                                                                                                          c5ad4dacedcf84ffd68613394fce7986

                                                                                                          SHA1

                                                                                                          1da9fef3d83dbe93f9b55958b16fa6de28cc06ec

                                                                                                          SHA256

                                                                                                          7358f15f0c5c7ce8ddc7018a4558c03a1431666751006a37d4f080238c921da3

                                                                                                          SHA512

                                                                                                          ade5f7c6149ad958604c2005d0696c17aa6c545790068af24beef97526ed1e14659ce46ffdb22de075c347b6bc4d7e3014dbb6c91fd2506ecca99fb78a01cd4b

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                          Filesize

                                                                                                          11KB

                                                                                                          MD5

                                                                                                          f1465b47cc35695861832275080f08e3

                                                                                                          SHA1

                                                                                                          adef52e04cbe7678e37acb89cbd7a990d9433990

                                                                                                          SHA256

                                                                                                          a88612c62d9bb3ef2c5caa0f3f953caea84994706cd899aeafbaf58cf5d906a0

                                                                                                          SHA512

                                                                                                          d84362871a9790e04740950ec2987d86f5d4598f5c857bf109f74113378e944dc73dc1fa96d07049b44aa82863730afb3033b7526955f13017a56da4808664ab

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                          Filesize

                                                                                                          11KB

                                                                                                          MD5

                                                                                                          e2bf7e32cfb9ad8f323e8a82b800237d

                                                                                                          SHA1

                                                                                                          14a9f87e0d4163c7d586736bd3e67aa790afd39e

                                                                                                          SHA256

                                                                                                          8fc62554b232a1c5355eb03ab02d003136e72451ffd8ee55d1efc8539cb0e46c

                                                                                                          SHA512

                                                                                                          6a122a877130494e1d99df01a8282374c84c324ee0a69dc6309e0129c055ee51a967dfec38aada8dfe41793f9807039c0ec62e4eece7b55e678fcd4bb289ff12

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\a4dc3330-e548-4d9d-b210-1fbd6c6acbc0.tmp
                                                                                                          Filesize

                                                                                                          11KB

                                                                                                          MD5

                                                                                                          59a73534ade093b35f8c665fcd4a03fa

                                                                                                          SHA1

                                                                                                          587616035247ebd126f55c04c40aa0341258d61f

                                                                                                          SHA256

                                                                                                          549f77740593f033e95b5f3ce7b43fc3051d2f79c0bba25fdfa59188ba5f03fe

                                                                                                          SHA512

                                                                                                          923a5065656c485ed64c443fc6853c88dc6fe4f5dd5e8f81c51d923ebf27473ea3c3ef4b9f03bc7b0616344afaa4875d711988a8d9111487451bfa410b275ae5

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\Downloads\Bloxstrap-v2.8.0.exe
                                                                                                          Filesize

                                                                                                          11.0MB

                                                                                                          MD5

                                                                                                          3890622389fa64559eb3035aec65215f

                                                                                                          SHA1

                                                                                                          ffb9810df58890a71d58e4f901a26e4cce50e7ed

                                                                                                          SHA256

                                                                                                          90842a4b97876d51d8471d78f6aea71aad0a83f30f7440d19fc9db96490354e2

                                                                                                          SHA512

                                                                                                          28e514c587d29364b080ce426ed9bbe88818b5f34ee468f06b6cfa399fa181f3efd1a8d2172b8da76971a7e4b0f51056a88728bb08854d0ad7b5c3888d378e05

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\Downloads\Bloxstrap-v2.8.0.exe:Zone.Identifier
                                                                                                          Filesize

                                                                                                          26B

                                                                                                          MD5

                                                                                                          fbccf14d504b7b2dbcb5a5bda75bd93b

                                                                                                          SHA1

                                                                                                          d59fc84cdd5217c6cf74785703655f78da6b582b

                                                                                                          SHA256

                                                                                                          eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

                                                                                                          SHA512

                                                                                                          aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

                                                                                                          Download Submit

                                                                                                        • C:\Users\Admin\Downloads\Unconfirmed 847766.crdownload
                                                                                                          Filesize

                                                                                                          7.8MB

                                                                                                          MD5

                                                                                                          70fd134f694249679187f94090bf2397

                                                                                                          SHA1

                                                                                                          ea58191ae8b732fdfe3a497bbced10a412bd1ec5

                                                                                                          SHA256

                                                                                                          18a8bf296ebdf1204df31f39b91754159530af4e22556e4fe26e753ab621af10

                                                                                                          SHA512

                                                                                                          c9f255878b6aca5d940b65e304dbf32a0b1d0ccafc4dbe0e9294905a8e1b1629daaadb1af55baa4c2015e723f44041113e214807b229558dd2f2de3539d04909

                                                                                                          Download Submit

                                                                                                        • memory/2372-5022-0x00007FFBFE010000-0x00007FFBFE040000-memory.dmp

                                                                                                          Filesize

                                                                                                          192KB

                                                                                                          Download

                                                                                                        • memory/2372-5071-0x00007FFBFBB80000-0x00007FFBFBBA0000-memory.dmp

                                                                                                          Filesize

                                                                                                          128KB

                                                                                                          Download

                                                                                                        • memory/2372-5024-0x00007FFBFE010000-0x00007FFBFE040000-memory.dmp

                                                                                                          Filesize

                                                                                                          192KB

                                                                                                          Download

                                                                                                        • memory/2372-5023-0x00007FFBFE010000-0x00007FFBFE040000-memory.dmp

                                                                                                          Filesize

                                                                                                          192KB

                                                                                                          Download

                                                                                                        • memory/2372-5016-0x00007FFBFDEA0000-0x00007FFBFDEB0000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5021-0x00007FFBFE010000-0x00007FFBFE040000-memory.dmp

                                                                                                          Filesize

                                                                                                          192KB

                                                                                                          Download

                                                                                                        • memory/2372-5020-0x00007FFBFE010000-0x00007FFBFE040000-memory.dmp

                                                                                                          Filesize

                                                                                                          192KB

                                                                                                          Download

                                                                                                        • memory/2372-5019-0x00007FFBFDFC0000-0x00007FFBFDFD0000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5018-0x00007FFBFDFC0000-0x00007FFBFDFD0000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5017-0x00007FFBFDEA0000-0x00007FFBFDEB0000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5027-0x00007FFBFBDD0000-0x00007FFBFBDE0000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5029-0x00007FFBFBE60000-0x00007FFBFBE70000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5030-0x00007FFBFBE80000-0x00007FFBFBEA0000-memory.dmp

                                                                                                          Filesize

                                                                                                          128KB

                                                                                                          Download

                                                                                                        • memory/2372-5028-0x00007FFBFBE60000-0x00007FFBFBE70000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5026-0x00007FFBFBDD0000-0x00007FFBFBDE0000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5035-0x00007FFBFBF70000-0x00007FFBFBF7C000-memory.dmp

                                                                                                          Filesize

                                                                                                          48KB

                                                                                                          Download

                                                                                                        • memory/2372-5034-0x00007FFBFBE80000-0x00007FFBFBEA0000-memory.dmp

                                                                                                          Filesize

                                                                                                          128KB

                                                                                                          Download

                                                                                                        • memory/2372-5033-0x00007FFBFBE80000-0x00007FFBFBEA0000-memory.dmp

                                                                                                          Filesize

                                                                                                          128KB

                                                                                                          Download

                                                                                                        • memory/2372-5032-0x00007FFBFBE80000-0x00007FFBFBEA0000-memory.dmp

                                                                                                          Filesize

                                                                                                          128KB

                                                                                                          Download

                                                                                                        • memory/2372-5031-0x00007FFBFBE80000-0x00007FFBFBEA0000-memory.dmp

                                                                                                          Filesize

                                                                                                          128KB

                                                                                                          Download

                                                                                                        • memory/2372-5041-0x00007FFBFB760000-0x00007FFBFB770000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5045-0x00007FFBFB780000-0x00007FFBFB790000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5044-0x00007FFBFB780000-0x00007FFBFB790000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5054-0x00007FFBFCB90000-0x00007FFBFCB9D000-memory.dmp

                                                                                                          Filesize

                                                                                                          52KB

                                                                                                          Download

                                                                                                        • memory/2372-5079-0x00007FFBFE010000-0x00007FFBFE040000-memory.dmp

                                                                                                          Filesize

                                                                                                          192KB

                                                                                                          Download

                                                                                                        • memory/2372-5078-0x00007FFBFE010000-0x00007FFBFE040000-memory.dmp

                                                                                                          Filesize

                                                                                                          192KB

                                                                                                          Download

                                                                                                        • memory/2372-5077-0x00007FFBFDE90000-0x00007FFBFDE91000-memory.dmp

                                                                                                          Filesize

                                                                                                          4KB

                                                                                                          Download

                                                                                                        • memory/2372-5076-0x00007FFBFB390000-0x00007FFBFB3B6000-memory.dmp

                                                                                                          Filesize

                                                                                                          152KB

                                                                                                          Download

                                                                                                        • memory/2372-5074-0x00007FFBFB390000-0x00007FFBFB3B6000-memory.dmp

                                                                                                          Filesize

                                                                                                          152KB

                                                                                                          Download

                                                                                                        • memory/2372-5073-0x00007FFBFB390000-0x00007FFBFB3B6000-memory.dmp

                                                                                                          Filesize

                                                                                                          152KB

                                                                                                          Download

                                                                                                        • memory/2372-5072-0x00007FFBFB390000-0x00007FFBFB3B6000-memory.dmp

                                                                                                          Filesize

                                                                                                          152KB

                                                                                                          Download

                                                                                                        • memory/2372-5025-0x00007FFBFE0A0000-0x00007FFBFE0A9000-memory.dmp

                                                                                                          Filesize

                                                                                                          36KB

                                                                                                          Download

                                                                                                        • memory/2372-5070-0x00007FFBFBB80000-0x00007FFBFBBA0000-memory.dmp

                                                                                                          Filesize

                                                                                                          128KB

                                                                                                          Download

                                                                                                        • memory/2372-5069-0x00007FFBFBB80000-0x00007FFBFBBA0000-memory.dmp

                                                                                                          Filesize

                                                                                                          128KB

                                                                                                          Download

                                                                                                        • memory/2372-5068-0x00007FFBFBB80000-0x00007FFBFBBA0000-memory.dmp

                                                                                                          Filesize

                                                                                                          128KB

                                                                                                          Download

                                                                                                        • memory/2372-5067-0x00007FFBFBB80000-0x00007FFBFBBA0000-memory.dmp

                                                                                                          Filesize

                                                                                                          128KB

                                                                                                          Download

                                                                                                        • memory/2372-5066-0x00007FFBFBB50000-0x00007FFBFBB60000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5065-0x00007FFBFBB50000-0x00007FFBFBB60000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5064-0x00007FFBFBA40000-0x00007FFBFBA50000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5063-0x00007FFBFBA40000-0x00007FFBFBA50000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5062-0x00007FFBFC930000-0x00007FFBFC939000-memory.dmp

                                                                                                          Filesize

                                                                                                          36KB

                                                                                                          Download

                                                                                                        • memory/2372-5061-0x00007FFBFC930000-0x00007FFBFC939000-memory.dmp

                                                                                                          Filesize

                                                                                                          36KB

                                                                                                          Download

                                                                                                        • memory/2372-5060-0x00007FFBFC930000-0x00007FFBFC939000-memory.dmp

                                                                                                          Filesize

                                                                                                          36KB

                                                                                                          Download

                                                                                                        • memory/2372-5059-0x00007FFBFC930000-0x00007FFBFC939000-memory.dmp

                                                                                                          Filesize

                                                                                                          36KB

                                                                                                          Download

                                                                                                        • memory/2372-5058-0x00007FFBFC930000-0x00007FFBFC939000-memory.dmp

                                                                                                          Filesize

                                                                                                          36KB

                                                                                                          Download

                                                                                                        • memory/2372-5057-0x00007FFBFC910000-0x00007FFBFC920000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5055-0x00007FFBFC910000-0x00007FFBFC920000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5053-0x00007FFBFCB90000-0x00007FFBFCB9D000-memory.dmp

                                                                                                          Filesize

                                                                                                          52KB

                                                                                                          Download

                                                                                                        • memory/2372-5075-0x00007FFBFB390000-0x00007FFBFB3B6000-memory.dmp

                                                                                                          Filesize

                                                                                                          152KB

                                                                                                          Download

                                                                                                        • memory/2372-5052-0x00007FFBFCB90000-0x00007FFBFCB9D000-memory.dmp

                                                                                                          Filesize

                                                                                                          52KB

                                                                                                          Download

                                                                                                        • memory/2372-5051-0x00007FFBFCB90000-0x00007FFBFCB9D000-memory.dmp

                                                                                                          Filesize

                                                                                                          52KB

                                                                                                          Download

                                                                                                        • memory/2372-5050-0x00007FFBFCB90000-0x00007FFBFCB9D000-memory.dmp

                                                                                                          Filesize

                                                                                                          52KB

                                                                                                          Download

                                                                                                        • memory/2372-5049-0x00007FFBFCB50000-0x00007FFBFCB60000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5048-0x00007FFBFCB50000-0x00007FFBFCB60000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5047-0x00007FFBFCAE0000-0x00007FFBFCAF0000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5046-0x00007FFBFCAE0000-0x00007FFBFCAF0000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5056-0x00007FFBFC910000-0x00007FFBFC920000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5043-0x00007FFBFB780000-0x00007FFBFB790000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5042-0x00007FFBFB760000-0x00007FFBFB770000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5040-0x00007FFBFB760000-0x00007FFBFB770000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5039-0x00007FFBFB5B0000-0x00007FFBFB5C0000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5038-0x00007FFBFB5B0000-0x00007FFBFB5C0000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5037-0x00007FFBFB440000-0x00007FFBFB450000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download

                                                                                                        • memory/2372-5036-0x00007FFBFB440000-0x00007FFBFB450000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download