hxxp://𝐭𝐤𝟐[.]𝐫𝐞𝐬𝐭

Analysis

max time kernel
307s
max time network
310s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
10-11-2024 15:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://𝐭𝐤𝟐.𝐫𝐞𝐬𝐭

Score

10^/10

google discovery motw phishing

Malware Config

Signatures

Detected google phishing page
phishing google
Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service
T1102

Processes:

flow ioc

40 discord.com
41 discord.com
Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs
phishing motw

Processes:

flow ioc

383 https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

flow	ioc
40	discord.com
41	discord.com

flow	ioc
383	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedge.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 8 IoCs

Processes:

msedge.exemsedge.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-940901362-3608833189-1915618603-1000\{352D69FA-0BB2-40E5-89D7-BB9AE411F2FE}	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\DisplayName = "Chrome Sandbox"	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Moniker = "cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Children	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe\Children	msedge.exe

Suspicious behavior: EnumeratesProcesses 13 IoCs

Processes:

msedge.exemsedge.exeidentity_helper.exemsedge.exemsedge.exemsedge.exe

pid	process
1852	msedge.exe
1852	msedge.exe
4484	msedge.exe
4484	msedge.exe
4760	identity_helper.exe
4760	identity_helper.exe
1592	msedge.exe
1592	msedge.exe
4736	msedge.exe
4736	msedge.exe
4736	msedge.exe
4736	msedge.exe
4876	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

Processes:

msedge.exe

pid	process
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes:

AUDIODG.EXE

description pid process

Token: 33 6088 AUDIODG.EXE
Token: SeIncBasePriorityPrivilege 6088 AUDIODG.EXE

description	pid	process
Token: 33	6088	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	6088	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 25 IoCs

Processes:

msedge.exe

pid	process
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

msedge.exe

pid	process
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe
4484	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

msedge.exe

description	pid	process	target process
PID 4484 wrote to memory of 3800	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3800	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 4368	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 1852	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 1852	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe
PID 4484 wrote to memory of 3208	4484	msedge.exe	msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://𝐭𝐤𝟐.𝐫𝐞𝐬
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa803c46f8,0x7ffa803c4708,0x7ffa803c4718
  2⤵
  PID:3800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2916 /prefetch:8
  2⤵
  PID:3208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:3512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:4124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4068 /prefetch:1
  2⤵
  PID:2432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
  2⤵
  PID:2292
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5384 /prefetch:8
  2⤵
  PID:3724
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5384 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3644 /prefetch:1
  2⤵
  PID:2192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
  2⤵
  PID:1360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
  2⤵
  PID:2104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:1
  2⤵
  PID:2260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5996 /prefetch:1
  2⤵
  PID:4420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5468 /prefetch:8
  2⤵
  PID:3012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3416 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
  2⤵
  PID:5544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4144 /prefetch:1
  2⤵
  PID:5552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3576 /prefetch:1
  2⤵
  PID:5996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
  2⤵
  PID:5124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6416 /prefetch:1
  2⤵
  PID:6100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6500 /prefetch:1
  2⤵
  PID:892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6520 /prefetch:1
  2⤵
  PID:5076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1
  2⤵
  PID:5640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6088 /prefetch:1
  2⤵
  PID:1616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3576 /prefetch:1
  2⤵
  PID:5752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
  2⤵
  PID:4648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6504 /prefetch:1
  2⤵
  PID:5264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7164 /prefetch:1
  2⤵
  PID:4540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3492 /prefetch:1
  2⤵
  PID:5416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7184 /prefetch:1
  2⤵
  PID:5012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7276 /prefetch:1
  2⤵
  PID:4668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7284 /prefetch:1
  2⤵
  PID:3876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7476 /prefetch:1
  2⤵
  PID:5812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7484 /prefetch:1
  2⤵
  PID:5864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7620 /prefetch:1
  2⤵
  PID:5808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7756 /prefetch:1
  2⤵
  PID:5896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7804 /prefetch:1
  2⤵
  PID:5736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7788 /prefetch:1
  2⤵
  PID:2036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8048 /prefetch:1
  2⤵
  PID:3364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8180 /prefetch:1
  2⤵
  PID:3000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8316 /prefetch:1
  2⤵
  PID:5132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8328 /prefetch:1
  2⤵
  PID:3496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9280 /prefetch:1
  2⤵
  PID:5648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9376 /prefetch:1
  2⤵
  PID:4108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9572 /prefetch:1
  2⤵
  PID:5284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9720 /prefetch:1
  2⤵
  PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9880 /prefetch:1
  2⤵
  PID:5684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10212 /prefetch:1
  2⤵
  PID:5800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9668 /prefetch:1
  2⤵
  PID:6152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9720 /prefetch:1
  2⤵
  PID:6488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2728 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7608 /prefetch:1
  2⤵
  PID:5408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7636 /prefetch:1
  2⤵
  PID:6480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2704 /prefetch:1
  2⤵
  PID:5180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9748 /prefetch:1
  2⤵
  PID:6980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10044 /prefetch:1
  2⤵
  PID:6996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
  2⤵
  PID:388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10360 /prefetch:1
  2⤵
  PID:5876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7820 /prefetch:1
  2⤵
  PID:7036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8468 /prefetch:1
  2⤵
  PID:7024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9116 /prefetch:1
  2⤵
  PID:7032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10396 /prefetch:1
  2⤵
  PID:7048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9624 /prefetch:1
  2⤵
  PID:2804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9644 /prefetch:1
  2⤵
  PID:5372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8640 /prefetch:1
  2⤵
  PID:748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8636 /prefetch:1
  2⤵
  PID:1052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1788 /prefetch:1
  2⤵
  PID:4548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6872 /prefetch:1
  2⤵
  PID:1992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10292 /prefetch:1
  2⤵
  PID:6024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6784 /prefetch:1
  2⤵
  PID:6032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7132 /prefetch:1
  2⤵
  PID:6164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8164 /prefetch:1
  2⤵
  PID:4100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8092 /prefetch:1
  2⤵
  PID:5836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
  2⤵
  PID:5852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6468 /prefetch:1
  2⤵
  PID:3932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8624 /prefetch:1
  2⤵
  PID:6992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7832 /prefetch:1
  2⤵
  PID:5344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6472 /prefetch:1
  2⤵
  PID:6868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9504 /prefetch:1
  2⤵
  PID:2676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1148 /prefetch:1
  2⤵
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9640 /prefetch:1
  2⤵
  PID:2240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9400 /prefetch:1
  2⤵
  PID:6532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=10300 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7784 /prefetch:1
  2⤵
  PID:6624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8644 /prefetch:1
  2⤵
  PID:5492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
  2⤵
  PID:5480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8524 /prefetch:1
  2⤵
  PID:5512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6796 /prefetch:1
  2⤵
  PID:1136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8260 /prefetch:1
  2⤵
  PID:5468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7112 /prefetch:1
  2⤵
  PID:5300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9788 /prefetch:1
  2⤵
  PID:5920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1236 /prefetch:1
  2⤵
  PID:4580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9280 /prefetch:1
  2⤵
  PID:7104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8084 /prefetch:1
  2⤵
  PID:2600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7940 /prefetch:1
  2⤵
  PID:4316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8460 /prefetch:1
  2⤵
  PID:4420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8520 /prefetch:1
  2⤵
  PID:2332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10480 /prefetch:1
  2⤵
  PID:6748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10532 /prefetch:1
  2⤵
  PID:3380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10544 /prefetch:1
  2⤵
  PID:6892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7108 /prefetch:1
  2⤵
  PID:5164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8684 /prefetch:1
  2⤵
  PID:2584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10924 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10944 /prefetch:1
  2⤵
  PID:6192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1
  2⤵
  PID:6564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6548 /prefetch:1
  2⤵
  PID:4184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8060 /prefetch:1
  2⤵
  PID:6148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7552 /prefetch:1
  2⤵
  PID:2800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9508 /prefetch:1
  2⤵
  PID:5236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7108 /prefetch:1
  2⤵
  PID:4344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8936 /prefetch:1
  2⤵
  PID:2820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1
  2⤵
  PID:6268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9880 /prefetch:1
  2⤵
  PID:4056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8144 /prefetch:1
  2⤵
  PID:4536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1
  2⤵
  PID:4756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7924 /prefetch:1
  2⤵
  PID:688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8668 /prefetch:1
  2⤵
  PID:1820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9192 /prefetch:1
  2⤵
  PID:5064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
  2⤵
  PID:1124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9252 /prefetch:1
  2⤵
  PID:4468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5940 /prefetch:1
  2⤵
  PID:5976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7588 /prefetch:1
  2⤵
  PID:4924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8416 /prefetch:1
  2⤵
  PID:5460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8852 /prefetch:1
  2⤵
  PID:6744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7012 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7424 /prefetch:1
  2⤵
  PID:5356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10932 /prefetch:1
  2⤵
  PID:5328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9720 /prefetch:1
  2⤵
  PID:5732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10540 /prefetch:1
  2⤵
  PID:6704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6952 /prefetch:1
  2⤵
  PID:4812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6460 /prefetch:1
  2⤵
  PID:5676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7472 /prefetch:1
  2⤵
  PID:4532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10676 /prefetch:1
  2⤵
  PID:1212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3144 /prefetch:1
  2⤵
  PID:6320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10992 /prefetch:1
  2⤵
  PID:6936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9144 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7792 /prefetch:1
  2⤵
  PID:6264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10284 /prefetch:1
  2⤵
  PID:5972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,6164133681822825899,7003016784591729621,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10856 /prefetch:1
  2⤵
  PID:6652

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1920

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:392

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x31c 0x344
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:6088

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:6024

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e55832d7cd7e868a2c087c4c73678018

SHA1
ed7a2f6d6437e907218ffba9128802eaf414a0eb

SHA256
a4d7777b980ec53de3a70aca8fb25b77e9b53187e7d2f0fa1a729ee9a35da574

SHA512
897fdebf1a9269a1bf1e3a791f6ee9ab7c24c9d75eeff65ac9599764e1c8585784e1837ba5321d90af0b004af121b2206081a6fb1b1ad571a0051ee33d3f5c5f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c2d9eeb3fdd75834f0ac3f9767de8d6f

SHA1
4d16a7e82190f8490a00008bd53d85fb92e379b0

SHA256
1e5efb5f1d78a4cc269cb116307e9d767fc5ad8a18e6cf95c81c61d7b1da5c66

SHA512
d92f995f9e096ecc0a7b8b4aca336aeef0e7b919fe7fe008169f0b87da84d018971ba5728141557d42a0fc562a25191bd85e0d7354c401b09e8b62cdc44b6dcd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

Filesize
19KB

MD5
d81d52a7a2de9189891eeb3753aac042

SHA1
057b7068214f3af00ecf73677798979175192062

SHA256
5d59969951587d02ccf8e5b8b08b16f8b8b3110e26dd195cfdbaaaae99674230

SHA512
62a5c49989be283cc69609bedeba3e1a6f5d3a02edfdfda9baaaae7d55edef2fa80fecb22e9f5545b858c308cfa83b21a25768ea3ec93e4d6bc5d74c968bf2a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038

Filesize
47KB

MD5
55a93dd8c17e1019c87980a74c65cb1b

SHA1
4b99f1784b2bb2b2cc0e78b88c5d25858ff01c5d

SHA256
4925dd477b8abf082cb81e636f8d2c76f34d7864947114fc9f1db0e68b5a9009

SHA512
f9ade542c593067dbcd13ed94da1ba17a84782575355396db8fd7c28aa70a3120d0c0a22d3ca3d2f0774c1dcb06b9319e243b36001c618c92e0af25cb9c8e46b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039

Filesize
62KB

MD5
c3c0eb5e044497577bec91b5970f6d30

SHA1
d833f81cf21f68d43ba64a6c28892945adc317a6

SHA256
eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb

SHA512
83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

Filesize
70KB

MD5
807dda2eb77b3df60f0d790fb1e4365e

SHA1
e313de651b857963c9ab70154b0074edb0335ef4

SHA256
75677b9722d58a0a288f7931cec8127fd786512bd49bfba9d7dcc0b8ef2780fc

SHA512
36578c5aedf03f9a622f3ff0fdc296aa1c2d3074aaea215749b04129e9193c4c941c8a07e2dbbf2f64314b59babb7e58dfced2286d157f240253641c018b8eda

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b

Filesize
19KB

MD5
76a3f1e9a452564e0f8dce6c0ee111e8

SHA1
11c3d925cbc1a52d53584fd8606f8f713aa59114

SHA256
381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c

SHA512
a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003c

Filesize
63KB

MD5
710d7637cc7e21b62fd3efe6aba1fd27

SHA1
8645d6b137064c7b38e10c736724e17787db6cf3

SHA256
c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b

SHA512
19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

Filesize
25KB

MD5
cd74fa4f0944963c0908611fed565d9b

SHA1
c18033d8679d742e2aab1d6c88c28bd8f8a9e10d

SHA256
e432edfafbd52fcdbd59ef74892aa2e2ab19df6647ae723b368fca529066a804

SHA512
b526216bdbc73a97db41edbec6fdfd09b7b4ae149d415fb5811dde03ad4b1b0247950abd78fef807ae47674ab1b56ff0b971fa5e305b26bc92dc07871313b750

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000057

Filesize
30KB

MD5
6fb26b39d8dcf2f09ef8aebb8a5ffe23

SHA1
578cac24c947a6d24bc05a6aa305756dd70e9ac3

SHA256
774379647c0a6db04a0c2662be757a730c20f13b4c03fe0b12d43c0f09e7a059

SHA512
c40f4771c10add1b20efb81ee3b61fc5ede4701587f29a1c2cdde8b6faabd1c76d769bf8b99aa19082012f95d99ba448a472463fb9056acd2e43542e14e605cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a

Filesize
68KB

MD5
dee46781c0389eada0ac9faa177539b6

SHA1
d7641e3d25ac7ac66c2ea72ac7df77b242c909d3

SHA256
35f13cf2aef17a352007ab69222724397e0ec093871ff4bd162645f466425642

SHA512
049b3d8dcfb64510745c2d5f9e8046747337b1c19d4b2714835cc200dc4ba61acaa994fec7c3cd122ba99d688be6e08f97eb642745561d75b410a5589c304d7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062

Filesize
52KB

MD5
95d04e8e738898b146c0f1a34a032bdd

SHA1
3f2828868d9e5624ac1d7230e18ca19ab13970bf

SHA256
3e4a9b654b7feb5c1de2dcbcf620f71bfa190ba77f5a716bd291efd765d82ef5

SHA512
86d130380b121f34489c21bff956c7a3cf55ab520387882c0b3e4aa150ebf7c447492b383375fd7fc33f9cd4302049af4542bdb62993b6cf9973fe531ed0fa3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006c

Filesize
18KB

MD5
d3d71879529d7499ff1c58ab448640bf

SHA1
6a5190136344c0d18f40e7aa66f743345acf2a08

SHA256
f2b28dd3bf823579341040436d5543e261d70fc4d1ef2c28ce9e281c545b3ff0

SHA512
3bf45c5058223cbbbc6d9e4013450dafe5802948695df5831c317740c2c382a564d9163b9f4b599930b81f0626e30c6dc318aa0fdee49b89cce47300d27a1bf9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000080

Filesize
20KB

MD5
6327624317701c6c4924c87cfe7cd97a

SHA1
27389d815244682780bffef61856db93589b3ca6

SHA256
d3d2f1a5cb6c279d8b34d82680d68ce110054353249e9a2636bbb452cb7ecdcd

SHA512
b5cf6c5fd48dcafe57eeae6693d184e90a79fa3232b48b2518badcae3138c8b15b19d4ee95847dfd437cc852a9e6dacd7f22f49612e70bf3bea7f10aea4df533

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000088

Filesize
16KB

MD5
9c6b5ce6b3452e98573e6409c34dd73c

SHA1
de607fadef62e36945a409a838eb8fc36d819b42

SHA256
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc

SHA512
4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000090

Filesize
21KB

MD5
72e5edbbcb81a56a7e9a6bf6d1d02337

SHA1
5b55cf3d97d7b2d9be9273cd554507d7b35ff525

SHA256
68020077828962ebcc359f2e68fc1ad2ace2cc661d507ca7e7506382c5ba9757

SHA512
a5fd4264058069be5940867f4b6ccae648797c485e982e0b96dd5878f8a13f9d83947260c6564e4283808f8aab0feacc71ab1d592957889fadca58195fbef0b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3702599e0b50e308_0

Filesize
3KB

MD5
03d97c7753b0f8f586adac585a91b026

SHA1
6953f629057f5206ae887585fd3d078be892edf3

SHA256
50edca2bf0fd31751e89c5418c19dfe92ed89b17ba0984e8a156855f26f00230

SHA512
8d1a9d561f8a1b84e42921f666bd2bc796cea363a73148469c701be79b8f7fd1e4941446150843ee6aea109bd223ded71e4bf79877df2339adda6317a39dba56

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d81b16d663202c5_0

Filesize
31KB

MD5
d25897e0049f40e5f34b5a771204aa5c

SHA1
97eb9142b4d5a2bd45c5ca4fa302c50d392a54f6

SHA256
d0ee115ed697e1599d503dbda4c9bf595f1bfd03619fcc23260de3c9c939455c

SHA512
40df1493b77b72fe132deaed7c9bb82326e226b86fa73277c578df9a75d035e48d919358f87b27a5f79f52a6b410eb10cd53c9527470c8a7b7a23ae237082cf4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d81b16d663202c5_0

Filesize
246B

MD5
95a2a9573a8025e22380fa1c51819727

SHA1
0ad9d16201d93fa23cb80d1e3c924a55ac8ac943

SHA256
3762c4fcd5b3014f471f8472b0f73e0c9869267146d50f3ec614236f987bcc75

SHA512
acee0c848415194d709ac079bf3f27395b8a1031db55f4d258dd380e743b558cb30708367bbe90580df52e9934d9e4147dc137cbdab2f5f25027e34b25666173

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fea9fc66c35ff756_0

Filesize
3KB

MD5
4b3c4f8310c19af7d915c5d59d06cb96

SHA1
3de756d672428ed2e5e47d968e94f3e724a30f63

SHA256
b8bf86d218dcba361ca6f662197eadffdae8f694415b60e91e677e1710cdc91b

SHA512
47343193cd5551e2c98e62e89a2c56d6fafd93817d33fcad3713e86e7674ee09b7006ef6bfbaa5693f3ca4d53447446fa18b88b40c1a1ab3c173cf44f9863623

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fea9fc66c35ff756_0

Filesize
257B

MD5
422e137f342ed2780f12a812a8019125

SHA1
b586b2b1f2d49fe03845aae2059a24c2885e21ac

SHA256
b0c27f5482c5bed21a7d40731af6ec738a46db2f31dc650530579419b30f33ef

SHA512
4c2c4c13c4dabca6220bd41471afeb94facf6b7bd3bea5954f3b2b00339def895df9d1b45daed2855bf3634039838b2edbf91af3259d0c126a71cf340f4542da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
d9e0a9d2322f6af59169bd1f611a4fe3

SHA1
1de27a08447a867f0cedd9f1324bd70e6fd4a121

SHA256
9bac963bd8848011ebb60c1849662d7b11a6717d69b3fc1bf980108b8773c985

SHA512
827d31ee89b9e45f97b4f3b8381951a4e724c93311a3f3e3ac828c3ecf12a3574f76e3acb92453d590854611ad60dc2376609668141c762ebd9eb4a9b158fffe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
07285833ed32db1584a62e8254ee7ef6

SHA1
9b833eae67796b9d3b90b967ce796f3c0b7dc12d

SHA256
1a5c9793bf8021b846443866f190fc1bfa51a174b6e318d4b041eb1368e085aa

SHA512
37343c0da4e6915a09a6bc14b3b1b3704a98cf30e577ba4e78dfe31cffa0e2cf2f5b5e4686fdb4908233b7dc4aecb7d03eac63bbebcb7a0a7b38263fb63baeb3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
3ea2d5e212e850ff5bf241b86bef0946

SHA1
0e865834b4b8f945a6a2fd5b29a89e10d1a0cf8c

SHA256
9c36d78d4b8e0f10a82c50272009b6ccefd5f3b08a862210d3c45ec004a821d8

SHA512
513c622a04c3f2a9b20027f3601c0e8c079004c862748308d9e311e030c8803ebad17e84b0d5def933dac6b52aee86ce57122e445b7268615f28d54f479c5726

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
624B

MD5
eaf023b95965db4572cb8e74d7171b9f

SHA1
fd20cf9f07102a018c870af9ad9f3e09eb6fb2f9

SHA256
642b0572902c4ad3be6489ed26489858418313b9b79325888a4a12f74f8aa2b2

SHA512
c983bdf8e37c084be403bb4cbf54ef014eb4ef710787b0004fb754a5e6f06ff77f1cab31a4c153c45aabae6042d166cf04f01629b86616f504d01fc6fdbd5914

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
8153a259491f211842bda7ab970ad525

SHA1
fe4fb7dffd213baa55ff4d24eb89c145dc6294c5

SHA256
809fcae8dc450a06bf8a5038e9a26d41331a28be92495a3e87f111cb153e603e

SHA512
734702ab55fdc4d4b4ff3b83bb66743c24daf5b5a583035b815bc7df0581484e4c38074cfa2095e484bd64e50cd788e1240ca30a6541e955d1fa1c3fd27a0bd1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
11KB

MD5
f4b2b6d6095db01ff91d5d17b1b0fb52

SHA1
bbf2a4696651b6bad2e4c338d6eba85b6e0e91f5

SHA256
f7025ba4c993ae3b1403605b1b122d7593892521e6de5248068188df7deb744d

SHA512
21806114cb2bfefb3993f150d663c8d99f59795fcc5c2d531b9707ee434dd542dea765b03c83c8c8f9549b65e98b66aeecb01ffc7a80633927d8f19c19e0f5bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
905B

MD5
c83713e39ae40273e1e0b78c45a6027d

SHA1
0851398569901d670038a0e921e7f1de385923f6

SHA256
96175055b4d8c326195c5cd7407521b2c2d095b09a91dfe753c2f96dfa07d851

SHA512
39ab28d580cc5b98edfef6f6b64251b0f10d48c6648555df05a98c39945890faf9b2bebbc61ef7b7ebaae928dafc901fb9808e8aeb502ba5f9b9bb07fd243db4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
16KB

MD5
31c67a5037878234b7fe06c9c059e827

SHA1
e1d7af9ffc55b61e43cd46132cbde2de54dfdadd

SHA256
7a6aaa209a2ec5ff886fac86e33021c059956dbf4f64942eadf87e16998f2de2

SHA512
0cdd6d98683fdd7437f27589fc2a58030d921cedb4a6387e9de64d6450357a7b3f7c8d2ca19c2574abd0b65f019b6bf924fe06ef49e498028c49d72e5f6ef846

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
16KB

MD5
1055d4a3356235c8d6acff8ec4d0aadc

SHA1
a947faba83ff994b2cee05dbc81428a2e0ba51ac

SHA256
888edb472c05d0b44494fd1dfbc6464c901949242b8724a8a21da0c483a2458c

SHA512
d8bda93ef482e249443b390a0ce6f70bdfcdf907525f4847946a2c35b1b246b0ec3ef99457f723b041fbded80a745d50cce07d757f59a17baff17b5d18068095

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
14KB

MD5
ad694b390fe9e3492f8b6582146c1604

SHA1
1b79ae65ad6cec1dec9ba95489373b67e20c0476

SHA256
2d752cfa2b79fd0a1a9572398345000ad47943569862e620078816ddb0b5fb00

SHA512
ea77a9ccea09d85f9c06440379d6fbe99f1f4e6948e227799f837bd499050ea443490d836c509bdc2824c96577da7cd02d42309361880daaceee98dd93f1e294

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
29157ba9d5c78c47dcc390dd4f0b9b55

SHA1
501c8abdca30416aa1e7d218cb36048707721368

SHA256
9e269d496f9cf3ca74004c815477481e3e9272e76bc0bfd4edcb701667f00cf9

SHA512
b32ef71de7bfc65ce5a5033e843eabc81eccc316811b6b48ef98ddd137f253365b84e29ae4de4bdf89c7a58f470fd980994d27c4376dd12c97a4ddf1e4d80ae1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
d2a3c5554204542eff5d3a5b119f3d22

SHA1
e9c1d14190cdb53b4f36c619abe95cbd90319152

SHA256
fe869c95718b1c9733469243710a08260a4bb93f577688c1a32e91ed241538fc

SHA512
32d3d4bd3f8ada3be6c50bffd68ca488aad8a754cbc992d6b526a314bf17ae79f385af075229c729619da25be143a5f000d0ef1db4b68da9c332b6a9033e428e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
35bd2646d00bf3cb95dc3c09cf3cd331

SHA1
18d29bb5c95b63fc0c0ac33b8dea822817757293

SHA256
398606f6fbf38128e442443fddb7f32e79582c05c4136f85505ca7d253c0c9c4

SHA512
b1be4a6412c1b6fc5eca8bceacd8646ed1c1a6fd03439c06024b210271344df735ef87c3298daf1d8983212f99cf40c0a3086a91b2064cf2186192d34273fadd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
3d249b70ffd22499997ba704a90c0b9c

SHA1
25ae655ed2df8fd7b9fdc06a0c3e6d892b3dd75e

SHA256
78281aa2c8ccf24a86fa40f6cd34982c8d10d4121e50940b65833603dbb37803

SHA512
f1866f89c4ba47d255317d4fd83ccb1f21f4ba8d121346abb61b322addebd077f266ecc46c4eedeffe2cfa218b25166af97240e84d56abd77c918f4f0a531268

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
f301ff580f485c604a3f1eccc354b47c

SHA1
07dc0e9447e23ddb819ad5dcd296b141b54f58cc

SHA256
2bb8e55f50e38b8f9f11ae83dbe3425726bd3cdefb2cb1c3753ea4fd9544e32b

SHA512
486ea9b8a6bbe2f8a238f05cd8d6df74a3185a406cc9b0884c3d8b6cac1d3aa0232e2ce68a46be1dae87682a1a6fdf834622713cacc12e04df4a50165906424f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
253da7ac2cd15e7fadf22bc254735c3e

SHA1
e3d4497a2a9d38ff04f4008d1832c2e91cacac3a

SHA256
7a714db9fb6085fe0366f98a4526760ac2f7a0beed5c8d88038222c2af5cb509

SHA512
628838b5b81bb12b5a3efe1d380f5a990038e36147ea75c20525e7b15f4520bc9b8927942096ce815fa7b6faa3f4a527d17818d7add36936f455e5022fb88c87

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
503313bba2217fd0202443c4bc765468

SHA1
7669cca297ef3d7f1cac68e564ff6446842e4a70

SHA256
957e50e973a6ae945ee309b01cf2e4af94ba2ea8f33779ab9a0f1231d53bed61

SHA512
a2433df4eb47deaee2d1cf21d15c15465ccbf9e2b4657d2d9b8b939429c7586272e6e0ae1a650ca1402855aab427ccf13e3c1b5593c2d54cd1ca807e5a1bad81

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
b3aa3bd1d841f422a0aac6cc571176ad

SHA1
7a72c15da6408b44c0ca8a28637d3f843f2685c3

SHA256
9be668d36ca4fc8012f88c6722b4ae9b9d0c77185eee5d49e5317fb65d676c94

SHA512
4fee18bb5143c9a74a8221756882236635f6cd56420958e3efe2b3349e84c633f3f9e71223cb1b4078998af087a4219f10435edfadf86820f91dcef297bb0b83

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
d70e390d772c49cfca8ad7726eba546c

SHA1
f92a5dfaa76787c43970e221ff29cbe2b65c96c0

SHA256
3b9847e3df6ed8132dda2b9beb98a542c2d70fe267ecf2420c86c9a39436115d

SHA512
f1e9eef2b0e96697b7ee89edbb0d8112a5f71e4202f832837c4303e5f5a05b83007f92691a347e57223c00cc464d3fe28ac915e96700c55483355ad4ad526b69

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
d5e2066e31207bfd816e35e27f44dc3d

SHA1
652b2dd21274ef45fe9326339cd6656a65d83501

SHA256
bfca6775c5b37607772069e166736a05d1b8eacb092441f30d59a699ed857645

SHA512
6e1303c99dd43802329aeecce414e23f9ba8e642cbcc86d26dc66f81cc80682945e6d263c1ce02b055f9bfef23383d7e88fc9a31d296ccabe581c896af0c5d04

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
8KB

MD5
7b085da9da2951ab5faf9e7e683e028c

SHA1
2a560bdf3721b238a8913572d74e11ba2322f1f3

SHA256
064712515109edec35a1088cfe233d66158f827b6989357fc1c3a002605c2ccd

SHA512
274dde866a596ef7a0e414343a258d230b98f087482db8eaf9421afb3a170e8d420f5462488e8514dfd3e88345ec096143ea05ef0256884c5f7617f14ac39007

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
ab99a9ea6e9936fac92b1ff1844e122c

SHA1
6297da1a0a5688c5409aebb8d77eb536ba86de2b

SHA256
d95928a7da93e0bf0e1fe7c6d7b19818fcba5cd1f3c87b0a89b6f9d4a1344459

SHA512
b35212a633b7f8eebca474fd22150da77c9934f37f9e29ff021fe423cf47c3a28f109e72043986a992aa8863fbbf9d7087c48f92ff1ed6c37c8e67bd11f9ffcf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
979749b50fc4f028ac76f620b8570250

SHA1
9ac633b10ac744ecd197cabf32c6105dea0c2a5f

SHA256
f9725e3062d813732887b76516f80686d0e8311b9e6558e79544ce787b489bf3

SHA512
9b78d75087df63f6991d641e08177c6fb8ea092fe9bff22b2461c2685841f5f2cf0336735e9e6274c110a13e22fce5fdf397f846d61e8172564a61f7c8bfeb49

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
8KB

MD5
3fbb824a0c0e54d6c080e6c981f0d85d

SHA1
9808e73f149c1801bd7763ffb26614dec58e22af

SHA256
a0972a11a4ef1cd1db5a4413f547b6c73c8c3ba8ac78158c2c80074463b0a969

SHA512
fdfc8185235d6404d97b086d07319507a7e7371ef20286a7a3d32013e0600e644df56ec9ec64d3ddd5d8fb1648c8fbd5cf0ae71a89a7aeaa335146918d9260cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
211b9f17c6c26b2757df2003b989ece3

SHA1
7cec4fe3438d86a4f94e21860998f4ccd5ff6c41

SHA256
afe8417b9de729fc4b6ce1383ef2c19eda99b733c6ab73a9b01b2130b966e7fb

SHA512
d6e1e90f10759d148be94cec16a01094c0e283415875924620fc0996b49fa4d816df517fe882611db51f0c04165fb0a0e56e3dd86aa4087b19b9b452074e7d48

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
1915d37f9a2d8fb0ebfab0c1e62f7486

SHA1
7b076192df45be1df08ae1ed317c3baf1296778a

SHA256
09cfc89ca3b2542baa594f63d68e653720546a7de9442d444119a26e67d30f7f

SHA512
e0bbe139bc3cede355498400aeb9bed082e27182471007111b5dfc03b28b1a247b5606de38c1080f4e013dd38f31248349d443b95e6fb524adb3ff80c81ebb5d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
3e7c32325f37f2951e9157869e8682ec

SHA1
b5a6547592aad03018c03b4f4d0f2cc26f232626

SHA256
3dcf90c891a65c5939c97a30b6fe5d80bd5257efddd427838664843cf9ccd3a8

SHA512
1e72ef1616b13afa18eca3fe71a96967a7333d14cb37cae8a4c4ddc62578d5b2671d09e8fec81956045a1221ebfde94ce8952c992086cd936d8d9e29b789da61

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
f243857d551ef1ba712f55c17cb65160

SHA1
750993de11b9f2cbb7660ad9b83998d4cc1f1151

SHA256
61a995e785deb435ef534e841d220f27b663f3a7a6eaec01d9688bade81c62c0

SHA512
f07193ca0e238ebea31bdbe68d0bc527f6016db320c537da213bcc0048d768e47db195bf106038543cc00d3607ba110d76ca58dd94b14e24180cd31e33c52390

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
85c32b693eacdcfbcd27f0ccef0ef2d9

SHA1
4634cd0b9e28254a89788fae53dcef8ca82a3dd4

SHA256
5676c06e995c087b238c5a714208e1506c6aba1040f78be2994d99487da9fca9

SHA512
d51386f071c47810698510586e65e0f4bb6401bdd54bd7bfcd69e6a694b2dc8e5a8f6f32d08d785eb4961d2246413e9c5f175e85bdd806ac02698a70ae42239d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
395c9455f8942cb29aa8dda597bcd6d8

SHA1
64e51394cd2ce5689108f9251a98fc7f92758de5

SHA256
db5de3ec139a0eb94f1548403989d4db1c15779be97fbf03389b2aac6ae2afac

SHA512
3a02ca1bdbfb2e5957929b614728826f2c43f7b9985795bb14564b4bf072eee40bda61821ebb871d93082d91f0e7b9b26bdee6d67548b583c2f560bed18231cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
b3712ee9bc2b2c7b2574151e9db5e701

SHA1
f7faeba422a38d0f9a45e9aeb7ffee0d55746af8

SHA256
9d25b985e9362d26a20a574cae1a88c53f2b55932b1a386705ca1ab16d0a2369

SHA512
6ef331877093c9878bb1d8e3c68183fef81233b1aef30146f8c427e4ac12ae05435c153e1abe9e7c421af4324658f246e179a1ade32bbac98dff01369d176c95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
6b23efa6d43632c2eff9d370d428bce3

SHA1
075978ef14193df3c296baac3c9b931497fd2ec4

SHA256
69e1eaa7a2ed536c43af935fda762fe9f631afb4eeef4a4d95176efcf7953be7

SHA512
e2c08ff2a19a8964a5d91f3ed8910ada3f145e5602bf41a0bc963db3c879bc0fa9a059c4414e61c65fa15bdcddea42edefd111fa7f8e33a990df50e47f583a45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
358f4b938f77ada23a72a0df374b6027

SHA1
0dabbc1ec720f9ed6671e9156837b8c7f9ec7d06

SHA256
5e5bc37dac395609edf8fad6a6255d89122a6ed79a94c7d4f6f06c9f5d02c9f7

SHA512
65c0f658489edc4dee9e18f8c5616a07d578992725c3411d7e40937cfa3eab5eb0015894d0bd410c315d06cc1b970db8e8d6ad718bb21d9e9520e58b2b1d7ba2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
39e4ee64ca6777f3695d8341e053d644

SHA1
f23dfa8c6fbcfbb7fcc318f85c81e27b20209278

SHA256
f26fb838cf38f4ff2e7b2076266dc425280367ae57a81eb559183c841bacd345

SHA512
4b0b448bd3886e548355ce132c994fbb53edf05b9ba0135779603d617a51f1accef6014b144ba95e856be2fc9959a89a9447e37d0557cfa968e1ba67d1ebfa45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe585e96.TMP

Filesize
370B

MD5
faf5c726d2267f5fd7aeb6fb557cf9ba

SHA1
c6a8957f3bd0005e25aeba0b3ce8d41dd0e98496

SHA256
240e6c91506244cf8dd97916f781d11d824d64376ddecf863fee1cba718c0beb

SHA512
9d8bab25ecc9b79620155c7b69a61549b36ce1bad90dd1e92e5e7a8ba6a55a144b807820a0f6d3a58ee860cc3f24ed7e4469ced344539aa90ce9eb75df4cb7ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
01c9a61bdd688fa589832e849110819a

SHA1
bdabb4214e197d17fb9fb0f4ed46ce6dd22524b1

SHA256
c7dc12316272306ee5323718a7a2b3f737894d5e503ac6af041ae9fa275d5249

SHA512
c09ae85976bb26aae32e250dae3df16b93fa9ba1126661698d1b811e151fefcf4f0ebd8a26274ec92a3840bd53b562991d395e818f9f60df36548302003f713e

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
627e8c6fe54d5f60b8ac7d0726909e11

SHA1
510b5838091e2e636632757801d3e31e142dd50d

SHA256
47a19e4f88c46af979a9ee208acabc3c5039df72e380e137f3c416df97709995

SHA512
98355352513ff93abe874f737ee02a6a1fb0b1fa79fcccb214d46442cf0a1cfacafd40f6aa3850e5be4c2fba9c9ec6438a58696bd3a2c48d9e6f2e03412343a7

Download Submit
\??\pipe\LOCAL\crashpad_4484_LGLSAABIQTXZMIZN

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit