9277a836404529372886a0e44f1c8f72d8df4cb7b9302f0a8089dea09f1be291

Analysis

max time kernel
2700s
max time network
2595s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
18-11-2024 14:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Screenshot_20241024-225401.png
Size

253KB
MD5

942c861a29538d4d5aaf9b0c9a36d676
SHA1

7f31d745fc6f660e352b0a9c95717fa0dc8126e2
SHA256

9277a836404529372886a0e44f1c8f72d8df4cb7b9302f0a8089dea09f1be291
SHA512

b0dcecad09b4955757136f050705ace4faebe5f4be3d0f7515416da952658d8944f2228455b0def134573e901a86518877e0278b026fbb85a2b72ec1812c26fd
SSDEEP

6144:qLLU2YVHddc5VOVrnl9GU4XHKOD9dQeBdmpU1659UuDnjUboeN:ILROHddc5VOVel3KOD9KodmS1u9dcoeN

Score

5^/10

microsoft discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand MICROSOFT.
phishing microsoft

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies data under HKEY_USERS 17 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1"	LogonUI.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133764133738096658"	chrome.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0"	LogonUI.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365268"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365268"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292114432"	LogonUI.exe
Set value (data)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = 99ebff004cc2ff000091f8000078d4000067c000003e9200001a6800f7630c00	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4290799360"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292114432"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "55"	LogonUI.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent	LogonUI.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2499603254-3415597248-1508446358-1000\{493840CF-9EE2-4E7C-B2B2-060BA38CD018}	chrome.exe

Suspicious behavior: EnumeratesProcesses 18 IoCs

pid	Process
4636	chrome.exe
4636	chrome.exe
2420	msedge.exe
2420	msedge.exe
3720	msedge.exe
3720	msedge.exe
3216	identity_helper.exe
3216	identity_helper.exe
4800	msedge.exe
4800	msedge.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
200	msedge.exe
200	msedge.exe
200	msedge.exe
200	msedge.exe

Suspicious behavior: LoadsDriver 64 IoCs

pid	Process
2852	Process not Found
436	Process not Found
2284	Process not Found
5024	Process not Found
2456	Process not Found
5032	Process not Found
2064	Process not Found
5080	Process not Found
4180	Process not Found
4076	Process not Found
764	Process not Found
2180	Process not Found
2880	Process not Found
3152	Process not Found
3920	Process not Found
2844	Process not Found
4260	Process not Found
452	Process not Found
804	Process not Found
1744	Process not Found
2608	Process not Found
948	Process not Found
4736	Process not Found
3952	Process not Found
2092	Process not Found
2840	Process not Found
1604	Process not Found
4992	Process not Found
3108	Process not Found
4056	Process not Found
1332	Process not Found
3640	Process not Found
3436	Process not Found
4896	Process not Found
3796	Process not Found
4176	Process not Found
1832	Process not Found
4716	Process not Found
4540	Process not Found
1068	Process not Found
5016	Process not Found
4696	Process not Found
1592	Process not Found
2016	Process not Found
564	Process not Found
4692	Process not Found
4008	Process not Found
1236	Process not Found
3716	Process not Found
3268	Process not Found
4200	Process not Found
4496	Process not Found
4868	Process not Found
5092	Process not Found
3560	Process not Found
3820	Process not Found
4852	Process not Found
248	Process not Found
836	Process not Found
4412	Process not Found
4748	Process not Found
3532	Process not Found
1016	Process not Found
956	Process not Found

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 29 IoCs

pid	Process
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
4636	chrome.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
4636	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe
Token: SeShutdownPrivilege	4636	chrome.exe
Token: SeCreatePagefilePrivilege	4636	chrome.exe

Suspicious use of FindShellTrayWindow 53 IoCs

pid	Process
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
4636	chrome.exe
2420	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
4636	chrome.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe
2420	msedge.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3472	LogonUI.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4636 wrote to memory of 420	4636	chrome.exe	81
PID 4636 wrote to memory of 420	4636	chrome.exe	81
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 1256	4636	chrome.exe	82
PID 4636 wrote to memory of 4244	4636	chrome.exe	83
PID 4636 wrote to memory of 4244	4636	chrome.exe	83
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84
PID 4636 wrote to memory of 1552	4636	chrome.exe	84

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Screenshot_20241024-225401.png
1⤵
PID:4276

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffdf96cc40,0x7fffdf96cc4c,0x7fffdf96cc58
  2⤵
  PID:420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1820,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1816 /prefetch:2
  2⤵
  PID:1256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2108,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2112 /prefetch:3
  2⤵
  PID:4244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2188,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2196 /prefetch:8
  2⤵
  PID:1552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3104,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3124 /prefetch:1
  2⤵
  PID:1612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:2288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4444,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3436 /prefetch:1
  2⤵
  PID:1364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4740,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4748 /prefetch:8
  2⤵
  PID:1416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4732,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4768 /prefetch:8
  2⤵
  PID:4584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4860,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4944 /prefetch:8
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5044,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5056 /prefetch:8
  2⤵
  PID:1064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5156,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4864 /prefetch:8
  2⤵
  PID:3104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4652,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5008 /prefetch:8
  2⤵
  PID:4468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4636,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5076 /prefetch:2
  2⤵
  PID:2928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3184,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5088 /prefetch:1
  2⤵
  PID:4600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4976,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3524 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3172,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5208 /prefetch:1
  2⤵
  PID:3144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4448,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3112 /prefetch:8
  2⤵
  PID:1312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3584,i,10081488490940659018,17189163458195804652,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3436 /prefetch:8
  2⤵
  - Modifies registry class
  PID:4064

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2044

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2752

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffdd713cb8,0x7fffdd713cc8,0x7fffdd713cd8
  2⤵
  PID:4824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1900 /prefetch:2
  2⤵
  PID:4688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2536 /prefetch:8
  2⤵
  PID:2816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:2204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:2464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
  2⤵
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1
  2⤵
  PID:1804
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3328 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:1
  2⤵
  PID:5004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
  2⤵
  PID:3792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
  2⤵
  PID:5088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5248 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1968 /prefetch:1
  2⤵
  PID:1528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
  2⤵
  PID:3448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
  2⤵
  PID:32
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
  2⤵
  PID:4756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
  2⤵
  PID:3908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6500 /prefetch:1
  2⤵
  PID:2060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6060 /prefetch:8
  2⤵
  PID:784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6752 /prefetch:1
  2⤵
  PID:1540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6860 /prefetch:1
  2⤵
  PID:3544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7012 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6476 /prefetch:1
  2⤵
  PID:1716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6936 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
  2⤵
  PID:1888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7064 /prefetch:1
  2⤵
  PID:2940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7056 /prefetch:1
  2⤵
  PID:4660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6532 /prefetch:8
  2⤵
  PID:1148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
  2⤵
  PID:3424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
  2⤵
  PID:1640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,7030063180524088371,3495065578041958142,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6916 /prefetch:1
  2⤵
  PID:2052

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4128

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5088

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D0 0x00000000000004E0
1⤵
PID:2764

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2832

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1628

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3020

C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa3a3a055 /state1:0x41c64e6d
1⤵
- Modifies data under HKEY_USERS
- Suspicious use of SetWindowsHookEx
PID:3472

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
ebdeb717b654bbb4ab058102f52ea4bb

SHA1
d3b1f0b955c8227706adead14823f502a6b440ca

SHA256
2b03f588e3528e18b77a49843c76f0556b05cb87c79590e6a25281ea33d34e84

SHA512
c922dad65323627de1d86eb4358c52fdfa74d43fbd845fdbaf8b55d17332a33da32f052a0665b86aaca14b961d05db5c051cae061ee91f6c57d8a9d28b287612

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
215KB

MD5
e579aca9a74ae76669750d8879e16bf3

SHA1
0b8f462b46ec2b2dbaa728bea79d611411bae752

SHA256
6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf

SHA512
df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
dfa3e1b62e5e73a2d9d7f5480ecc5eca

SHA1
423e718019705920302506022ee84f62ecea7986

SHA256
571072e03db01b1ebc4258a2ecfc53ff8eeb1950df3210e976ad5b9e86e8cc70

SHA512
39f1a6f15cd77fa0e0846071c8b59b3be18641f70295201807250d298d710fcba14526d46122fda70c695cb66b63256286eaa5807804e8e57d3f983d8e20d0f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
e93e3164184ab43e2d85da3fc2d91c7f

SHA1
363a141c11b0a9097b655f2af79758cf3087ece7

SHA256
c253f16e1d07cd8da8640c617bcdcad9caf49a71c49160618becd242a23e9486

SHA512
13ccc066c45fd764d658345cb0b49666fd5fd875e3e081f20bbc991bf17549647ff4df9782970ab33570a337aa4603d783962d80af2f318fb126b37a17257cb8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
986ac8c8cd058f67680f31bff0279d02

SHA1
327119075ab0997563af754651ce120c74c2c00f

SHA256
00cb9c07c8b72b594f29600b80f7ec173c166bfde3b9e2f94f1428b4e8437854

SHA512
43cb020d98d744ee57173b742637a7bdca6924bc2c81ec73721010148190315e007f4f817f012d101096bafaf61582609d00427ca7bafcd267f156a224d3c9da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
4666f9c9e0b7e0a74fabc622e77d441b

SHA1
e3fee1bdc2d5c0bfe30e70cc495cf5974f0f1300

SHA256
60a3731c31038870af2c159ae403a69539f873cf04a1a515975a7b538dce1700

SHA512
0b5a2996d82205111fb01673112bd5f572c16dfb9a95dedc20fde1f467cdf7d72b0391679e7517dcc1f751b4292c03f0ed21e010e7b30877311d378d97a76629

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
8656b24cc4d6d2b5233378fd95b6750f

SHA1
5469df27dff2dda96af62acf9cacc7c0ec72d85e

SHA256
2d567aab730c2228501333ceb11427ca07b68cb2751e041ecafeed830b0f4266

SHA512
4b4c3c81eeb1ed0f05b3a067f52004b8386f36f64d977947796a6c0895c1104581e4ea2345306f33c9ad543f728d6ad0875ac3ec6045cdfc7a38dead323ef149

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
88f8c0aa0bdc6c3d642d44391992ed40

SHA1
e2e423007b9038f376244ff65f9e797014fd1137

SHA256
89af3e4d9869ac17f31b288af1e823334fc580425a1053ba4763c27042ce86f4

SHA512
09432f0d9d5d954204b35bd66e95d951986555e79c7c803d8e210bfa7610ae641771cc4ba74d29f3ae166b5a26294e9a6199c9e7881e6649fed33d5bc2e8b9f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
64524fc6b064f28a896d385f9877f91a

SHA1
86c9d1192647e53e47769ee2f7a8bcb9e270dd1f

SHA256
28e25062a56de3de8b3fb3815d4335e2248adc3aa43192ad8a0eb2fe01f01499

SHA512
4c5492e976197d7ae30122e6d80c240020c86294c7cba4cee22bf409cb00a6516c0502d7401f94b1d487f2718537ec885fc5c30f17ef371923a306a0a4609900

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
08ebb92d30092b00f3f9e8798b9bf923

SHA1
b314498d89908d5929d874c28afd0640abb50cda

SHA256
12271679899ee3a3b342d90fbcb6f052f35d09b19893cabef5cbaa77fa2ea070

SHA512
b59ec36e5c59d0111de7ffcce77e244c05143d584ed6a7a151f810eacba0df5454f594dcab5c4a1334a698f0d17d92f2604d2cc14ca7a0f11cfe281c81d46e4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2c896fa90bd81e0be8663cb7eb8ddab6

SHA1
2891097e62856e1889edfc7336fd71afc620735f

SHA256
ecf78cb65005468084b09a5d7d7527cc37f8a364c1add07fec0f436ea4af723d

SHA512
269da3f3605ff519d0b887174d17f5f04dda35746a9e2ed10fd25e49094f911f4cd8f7daa403dfd5ad20fded985906f140feef7a06ee1cc47bcfe02d0dea0370

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
2b5a05afb7577260fa706f38fc168bb9

SHA1
601029a08707375c4a1b446e1194f74ff5250267

SHA256
686ab40d4a1585ba959b333ca3d8ab4b77e4254aabcbb8fa7cd9ab8ddd4e65c5

SHA512
75289252c2c9bf830069662a1d51e7a20f0f8be8bcd24c2f388d1dd5527b31b7ab3bfc1272c02eff96fa13658ab2b6d719b16f4d351424f5f7a0d7e0b8c1aa23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
06a8672f22cd5a000e605d062a1e5210

SHA1
5da1a76c52f9b1095ee5852f12d4832945b0eb5d

SHA256
33dcf774c64b062298a1893d4fbfcd102333435cca86528f8f69ef11140393f1

SHA512
6cc7af0290be19f90eb7204d9ddd092b4205bef86623e3e9f4d122e72dc89632a8dc3c95c5052a1b400d3fba653249cb9293d809f14016096f70fc44da85bc1d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
b10e544b65fbea5b0b5a3cc5b7f5f665

SHA1
46f3cade79ff88e62fb283614c2bb56632208076

SHA256
5471ebed9a9ba6b601405b9631978a129ef5c674604d8aff620342471d8766bc

SHA512
d18e151c6852360ec8676e742b3f1e45fe766ae7f3d065a28be5ca748a3a09430be16b1470c8ee9c711b0f0884104fcd63ea7483be110b3dba0ffcc25beb6595

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
46037952f191947ddb9ef0589401930a

SHA1
ce7692e18dc24da19890310d1c2a82a8af45644f

SHA256
ca6e613c32c981100fc34846bad0de802386c51eb68207d70db7d402de7a4542

SHA512
7c2f39bece0b8c99c039990d2eafd117e0804941336045814197c8b7dc56864b7e0ebb15c28ecdb2fc6483ec1f665314a9795e02ad13e3af8c33a28178730699

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
481d56fc29fcd40b4d49346577eae1d9

SHA1
6d239403513c20a5502515ae4f1b866f8ceed174

SHA256
737c2961b095669b373d00136302f760832b420794adde3060842b6febdf73f8

SHA512
d07cec6ac8a9bbb10dcdf640e34ac8b60678e822e989bcd542c58858986e34d9313792a78d97e2c009367ccd3940f5e60af765fbbd5e28ef5112fb9bd470d6dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a858404fa0e748de74b7e3d8d74fd734

SHA1
0190bf0aa1e84ac489fcc6fa4a33df74460d8e82

SHA256
084b2b5753bb27b33f876d2c33b5c87391384a6517268a16392190a29d5d5653

SHA512
66db7b8b4dacb5bbe921fc4af313783cb4c1ab9e17d7a97091cff1efad06f14ec8945f353dd8314d15b5a5d905705349597963079ffc51950122c7b7a22081e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9ae7982139e93a31c2677243208451f7

SHA1
e1d2a67f777dfed5028fabd32b864e53ddcceb52

SHA256
568cde47e9be9774ce4dcaae927a9d2138d07e96a191b3c457e616ff90b2c8ff

SHA512
5adc97e296b1261c23f2ab9539e884add35e29cbde7c6cc935242ff444866ea95b2efb485508f601adc4bc8b8a060de18d563fc6b809c3f34ae1f8e3e04e14b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a98d8754c39ef51b3537d20a0bee2a17

SHA1
49eb7750f7243e515211a2ebcc1111adb2383dc1

SHA256
e28d4c8695273c45bd9d4c9def860025651f13e4f343b9b9eef331687558150a

SHA512
6622185de1122ce921f2416b918b0a086c2fea7d420c3b2b0c79330a0113753de81b50c47928f87f7b5b171df74ecb0fc4749dd8f516ed8edcd6c053513aec64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ac12066ff61b24bec316bd61d0d59e1e

SHA1
8fa9cd4a96135bafe198df4e06902e4cb30a4cde

SHA256
5163cb81d56fa5ca72af9fc61b39e525a6e79f94678f1ce055c688dbd06bdd21

SHA512
83e4e65bd2af053415db338685118e54b7cb2cc1777c6e5afb77d09918b71f65b2e3f22b459fac229d99aaef41fc8e8fc7d63e194f65f65909622fd04e67f011

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8eddad896b848c9b169f88bd00adaeb2

SHA1
7c5b6ffd3a9da39c1c67ad2606a6617359574d9d

SHA256
4bcae60c673dab908f1f7a548a802563f1bb19dfe613fab39602e784fc52b151

SHA512
ef5751152cf699d9a20b0139de20f7e6c82de786a5a33bcfde036e4157ea381f7c683e4c2b1ce1ba2a389678f85b67144dfefe713584c23c71da384cec2f6a52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b7a558182129284961d4cc44d5f14ba2

SHA1
b19f15d228a05c0a6d6c725f1947d5c5564d6dfd

SHA256
075cf930d4b1146f77342139966eed23a6f4111459346bb2dacb08df50b7654d

SHA512
7062998212f8c5ffee249955ae54026a292d4f3add2d2a3940419ae7f7abddb9c9ca37df2b39524bc5ff21bfbfab19733aa40d073db1609d60ff1d7742174d18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
74d6708665269c02d1b3b198cd8669b9

SHA1
66d60798b6d6e8b6bb8639d6bcda15d304dcccb0

SHA256
376f7e0d5ccd20ba6435d428a56c3762b4531ff31cc5aaf33b4651ad969bc0ba

SHA512
f947fc345c243d3c0da3f56c7b4806d87057d95aa06e2fc684dceb7c54889425ccd600d945aa1a4aeffccc0af042097187a6e88dc7f3b4422117dd84f0ca9130

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
59c749ee2bc63bbd29d40cc532b21f60

SHA1
ed2c8aa9136f0d0b2681633647f7ee2f19875f9a

SHA256
3c657fbfa2b862f7fe7362c40d10cf30deb87975df37991b473ac46282ae86f2

SHA512
d040f442f6d90c21e1a330e5ac7d492885d09fcd1a9004fd3cd5ee90e58825ff4b83ed5bdbf1882ec7a71cebd393f93e288e2b45db2bb1119865fda215d6b8ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
990e454849e3e0e34cccc4d80117e57a

SHA1
0d7621f8f8e23741e463356e3784fb3e0ad7bb75

SHA256
028d4e2d13464666c14dc3bf817bfb1211038633e6ea3e49397a25a82f82ee81

SHA512
febebf8c6b5ed9431d5d403f8107914edf74149068f08d1d6668a7c96dd92de4a4a9520d0dd0b7989f7e32235de1bc20e06b1f86043b14cd593e4276ba7b9040

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6c4b602de74376c65359a469258bb509

SHA1
bb9f0b9f8bdb76dd9613798865617d81acf471ef

SHA256
77f9f1cd36c240a09eed1252972ae7401cef58951bcc71a572c120709d2dbe35

SHA512
d0b280a0f4043285c6546e65a27e7f6d31c896aafbdb97c415fda7311681a9c25271f83c0685cc85910b3b4e309e4b67f11be114da668bd2c141779babd7e394

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c1c759905f61036317f6fb64500b65f3

SHA1
d5c7bd17186bfefc19a50a5daf92087c1f51114a

SHA256
459e5a41565a02d1f2a5d53dfe0e6b3fd71b7ff6edaa8e1c3eb782ba6b4a7fe2

SHA512
47b4b5a8d91b5f0c6c4bc9bc9f058c286c69b0069213caa4680b517fb6e34024daae51ddf201daa785693154e07f2bdfba4dc88797acb4111f33d3ac4ef34f50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b6baae5c2a7139c8dcf5d5edea637ea8

SHA1
b2ff6bccc8fa395a761dd5fe242a62f6c1fefa12

SHA256
6b27597a91aac348573d5b3d34e3e501941ee567efa0d1d94e49d3f63010dbbc

SHA512
b813914af4b9a25e558804beb6742229423c0d95939fc9d829205d3a63a7b5507b9591cca13b2671a5b4409e578e4bab9d7ed8a9915321b7a373bf19d48b6a0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
32c7e6360b6885f3652953b112f0bdea

SHA1
f7c9069012ec0e8ae11237e5a51d75e50134cb50

SHA256
d4926fe2dcacc54100b3c45b18c4a3eb7d3177dd6349a74242ed2c911d9dea19

SHA512
385f74f8b83abd38d9e3be71754e9a420875cb9b7fbdd07a0efed1cae1a1fdc36e682bb8a814eddf2e01616d40406707365e3f260622830ce8cdd6de14c3cb48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1243717f7df7ea62d674c14254b643bf

SHA1
4646d375fdf40bf313382fbe244658b6faf28920

SHA256
7964c9e85a3e1a719d64614db9178624990be61e54b371aa5bcf0bbeba3cc63a

SHA512
e105ab784eff9b53f1f81c662f3f6eb807d4e72090f3741590d2f02a4638390d2bfd1dff42b15983ed62aa72620fc456e5bc8bff1e9ab6477900f4fe8b022fdd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4e87d12896eac46fafc9b1ecbbf69cec

SHA1
aa26e9a68c7dec1306edd86cc3a29c1aa1beb172

SHA256
720912f7416010f5729eff7eb71f7aa510eb2c1f7af6c1e132b4a03e8948d98b

SHA512
cd97a948eb771a40f1ea40a13605140e8dbd5cb31a6514d8c818ba01681ffdffedd46c682e4b0736618bfb7d8b871d7fab73259f4eabefd591a7b79308ff2878

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
d65d64464ba9b7fc5a7c38f8fbfc8183

SHA1
68b1ce4b332e7c04a0bae9b012285d724822e0e9

SHA256
3293dc493b6abfbc1bcf9f871e13fc8f991bfae5917a1830c235bc2477567e25

SHA512
8cee3879651fbac53abfb1596e92202bd398ef4e4d041cbca1e9516ff63934af204cccbe17f365c24339f6eba14770dd5a2b3560d0a37804bbd22c1359d1397f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
49b4bf02dcaadd473e1709a4dcd79f65

SHA1
ccc9e9635a5b2104005500c730319f06da3c1e71

SHA256
8b0382a4eccc17e48f11ea5998996d4838e0942ac013935d9984619f8e4106dc

SHA512
776ea55f406e99093a17b737f2bfb8d6925700375aec4d4b371b7140a2c8706bfc4a97250799b2cc448ea969eb934cf74fe66f82f941089bb3352b8a32e6a3de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
0abaf0f4633408a2097b05a3a17c52bb

SHA1
1b4d8a8d78933f3acc83a48a3e5481ba0b50ee6c

SHA256
b2f3b7cb4e63aa1260e4d11ca1006be647f170f54cf2b871eb6b1ab53538aa6d

SHA512
05e2654873011459bb0aece44e031bbfd84a38d2ce77af3603519363736672705c2bc18b17cf01dc588ae0410747dcf11cc26a3389da30274fe3003b41fdd4c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
e80249775a1848f582eafde7318b75f1

SHA1
d4711cf70a95e9625cb6b5b976be655a8de7d0b6

SHA256
c46ea97d1cc70aa19c691904d92cc0bdf8327f1537f832edec8f34c3ea496285

SHA512
7cf30ab0242dc9624195c249b0ca3cc9c860faef2443552add75323c64501ab5b47c5c7127edae6631d166bed9f9a486d5b8d89182626315d46e92a988227f25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
ea4bcf47a29a3d491c56776df6fba71b

SHA1
69e51dd131d13bc0f9d45b11a93cf1de84060ae1

SHA256
375c5591101d6dcd96ebfa19eaeff9cecbafe3426cc48582ace48eb1963e83be

SHA512
248295407aa88eaef3e076fb0985aa3eac7d86374662e8ea42bc6d6eb87e8e01e8468d7ed4a721063fa8ff7165b2198234f52379bd89ed1bedeacc64a59bb657

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
a5fe3abf09643b83e08a941ae1353af1

SHA1
68874da67fc4a4922b30592e34202f5a15f6d0e2

SHA256
36f05fadfbd5d0f293a2c703585c9187aea1a260991d43525b901e7a26dcde3b

SHA512
31333e20b169805aeb767647b10bf8df2461ff64aff985198fdfb2eceb24376247dbce1ba846cef760ae03e445074ba8fe2d0b479bb04da025ac2cf8c96c7e31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\4a0ab35b-156f-4f1f-9f5a-1c54ecc5cedf.tmp

Filesize
11KB

MD5
d3fdae8bafaaf8f085faa6ffec5c1d2f

SHA1
3b3866eb3535c83eb00b01419a4fa56c97ef8082

SHA256
8366e9427310df298cabda3d4a2f7afe9742a26b6730f9c01c95e55efbbd2fe0

SHA512
dc882302e3f63ce66298249abf44eda1d1262db06267fa934f13792417e014327a9de0a2c134bd9d4023658bf8cc19b659ca4f65e153797b9718bb9abd34ed05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
cb557349d7af9d6754aed39b4ace5bee

SHA1
04de2ac30defbb36508a41872ddb475effe2d793

SHA256
cfc24ed7d1c2e2c6585f53db7b39aa2447bf9212487b0a3c8c2a7d8e7e5572ee

SHA512
f0cf51f42d975d720d613d09f201435bf98c6283ae5bc033207f4ada93b15e49743a235a1cfb1b761bde268e2f7f8561aa57619b99bff67a36820bc1a4d0ec4a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
aad1d98ca9748cc4c31aa3b5abfe0fed

SHA1
32e8d4d9447b13bc00ec3eb15a88c55c29489495

SHA256
2a07cac05ffcf140a9ad32e58ef51b32ecccf1e3ab5ef4e656770df813a8944e

SHA512
150ebf7e37d20f88b21ab7ea0793afe1d40b00611ed36f0cf1ac1371b656d26f11b08a84dbb958891c79776fae04c9c616e45e2e211d292988a5709857a3bf72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\759c2d9f-fe94-4fd6-a2d6-803e40db6ec1.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006b

Filesize
233KB

MD5
e21e1c5d267c7141fd3709f6e68e4f7c

SHA1
63dc49f8a0bc7eda46588972558b118898a11b98

SHA256
5c073779daba3739f20b07242784b76320dd3c5488d6066fc507dc8af2debb18

SHA512
0835289b4f527d9603cc1c1fc549bd87df3e276f3374aecdb16dcaeb39461dbd09e18526e9ae5c5885258589b45ab6c570c018b910d3e2481d981657eedbc449

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006f

Filesize
20KB

MD5
dce282cb1d2c1940336e638e0fd96e49

SHA1
dfbfa76dbd6ba75ab77456ec825392320d878397

SHA256
b8119dc8d2135f9201a398149c7bd50f43c1f6cfb6670f77b3f2f61600604996

SHA512
03a81d0f5b5c26cc168ede0d372e66c3ed75a9cc1e1c2e147686b18eac550d63a43b9c05733a2f00b821dd3820754524e932babf74c747c883da3add6968bf50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000073

Filesize
48KB

MD5
baa9f9df378773cb28884dedeb3808f6

SHA1
9a43932d23ff5a9d449c6e85f6bc28f2fc221c64

SHA256
515270605d5a6ebee61b69bde18c4fa049479d99578524b17049cad5b481559d

SHA512
62ba4994b070564955b5df3775de2216f17ae2deeaa9441fe9c2cacca9c04b8f4b9690ce84ad6e4d4ae4bd794a8686773b0d9361dfcb38c9beef1cffbbc2b6e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000074

Filesize
615KB

MD5
e6711cd1ce70c3553a2284e7f9373476

SHA1
32c0025a5f9f25b4164c4c07437cc2d3010e90a6

SHA256
c22466a65869d5b1136ade87af53c9f077143cc3686205c40b9d62197b8d1064

SHA512
a82438b69837224434d9e0a66ff41a33a9fa60acc1fe23d275127436d4d939748fe4b7a75f7529d88cba36ad3160ad6a072c90fdc0f0e5edf20d3995ff66804f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000075

Filesize
32KB

MD5
b2229d4466ee263a188530ba16cd7af1

SHA1
9059266f5a47c5ddc2a792131b9b60908dba12db

SHA256
17b766b8e77333366da8c1331052ce026b1555b24c7f8404333420e97fd6224d

SHA512
1038d1c865f0aaca95381491f54eb83e4e61ccda9534de9e9de4081df3761ed6257d88f72a1054d2f2f4c2d570e3e2f14a73925b2867679749fe47d8762feb2e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000076

Filesize
32KB

MD5
eed96deb881ae2b11127253153331f4b

SHA1
f5a350024e2f3e2755b452f2a218ecebe10b05cc

SHA256
cede6026733388e8934c9e149b36a7cc97428e8ad137a05860d8704dabacadaf

SHA512
934b89cf82d36733bfafda721498971117a8b21cba7774f05d88b4f74fd336d6c7213dabe1a0ab31f5572985cac9b63354ad4158772281533ed3d56aa31d0a27

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000077

Filesize
55KB

MD5
7d3cb34ac2aa60e15ac40f3d1f973667

SHA1
05fbf9318321a37b087f3048e1bdb940513e0b8a

SHA256
f15dbf6e4bb12e50a97d97da23df3938c5aa61bfd794a9936c366eef9907989d

SHA512
5acd5efc80259a9a6055361a1ff402d88b87f1c45b520a7eaec8370fb5ce228a66984727ced430e820bc6f7f8b0d8be132cf1dd68f8f5cdebe4560dc87fda2e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
537f23f62221a4e9f601ab2c9a022864

SHA1
9d7afa4e69adcbec512e3bcf990976f204cbebd4

SHA256
b36b16fe3a79d7eb669cc11ea0cfc328b8b502ce64468b5d53fbad4993d73fd7

SHA512
b455e6870c9b8e11dde60d517404ba3e45d51dc032c820779d468b09a65d340886673b5833a6458a6a974a4f2d46f9b9b700bb2507d98dc664d2e68da08d56ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
9b70cf4986e1f61ddccc0ead146bde79

SHA1
c3d99f91464f43ec7382efa7853422e7b35fb2ae

SHA256
4846075ee27f28a7f2a70a44d1ccb7f88bbbb1002f2013e3c90876b4921a00e7

SHA512
1d20ad13032b10379a3d9e73d00df843a3f4549e5663f96077247cb0bfa653983a6a288c983123aaadc53d68397bdff03963236fbb95ae0275b3235f3ba48abc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
9fc9d45f5f43b2181ffe57c43f6a8338

SHA1
b7841ee39f1dd9136e44a071078434cf8eaf9eb7

SHA256
a0da07d68c7f22a569cec862b0dedef2767b23b02b91ccfc59d0a33317caf8e1

SHA512
0995c629add808288c03754907bd187f8ca1f79ea32d2ed21d8288088c0f5d487c15934191bcdac9268ada4798a4d9b13dfaa7a72154008260f493348ed9bd05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
8d0291a7ca24a59238dfeae8ad2f8f78

SHA1
c83388f39329cca392af3167136f16e1ae90aa3c

SHA256
e756daf2c0bcbfd2284b4f546f45586033d13770aba228d4d7c7e3d13f1cc9ae

SHA512
2a72a5657eda65daefe4e146ee79b9cb45e7e6777b57d4de56fffe4759ac053deacfd9162acf7267726824fb7d048b60813a87365efcee0969174575b2460195

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
1343aafd71384d6c3fb3cf03e7b8f38a

SHA1
1a93f59b4ad276f68b48839b671787f0aaa196a5

SHA256
8317b47a4707a0345cbd0aa12b3da266da232062f0728deee80d589f0d80918b

SHA512
330cda1b6594cfb30175a47ecceff18ad222e5102e77cfde4df43e97de0da8ac9299537a208c53170017af2798b2948daf45317d61ebe095b3fc8c91ca194b02

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
b05922d8618bf00a865e461a8c27897e

SHA1
6e6bef6564c8fee6d313da71491431495bd30897

SHA256
2464d778642ce3dde78b90cf9b2e4411969b7e4feca98a7ec5a1eece99802b29

SHA512
13cc48dc78134f51e50310db069e0d91cc28d92b852abe281ffafd7b53aac9925cecfdecbb828b3c013767a0acde782acdf7416e98062d420eb384fa203d1b90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b09b523187718908cf468ede57606475

SHA1
49ec4385bdfeb6211ec10957313e6fb05ff2f28b

SHA256
5962b3460fd2e7a7c83a0fe009dbdb75e18e3bb1bccd1f5ef675f7e7634b37fb

SHA512
13064cd615cd6f1051d1e7bb1be4bfd842609be4384a18cafee2cbf97ce535fb0f3ab826c3abe199ec99b3b94a8524d13906a1c6b6051d9c0bc8bbd618be15ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
160c35f4451e14fcae9c449051bd4ae3

SHA1
4455b02d9eabc6b9c91b7d65d64f7baa8259de72

SHA256
44523915ccba9653d4c63bea9e2067508fa0d49af4f3280cad8f3d0d386f8f30

SHA512
89ac4db411e09d6f21b190ac304ef06add08990a268e5d0f45d92b19425eeaefe658e0c4beb6ec37bc65cb55835ee0e0eefb12ccfc0968ff086cb6143a46f983

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
259d2b8bbd4b956d41deec690ae3de27

SHA1
2169e28fb56fdcb37ec68d890c2cbfd437682354

SHA256
20d3b139a64fcf12577ec832552b26df4fcd2c046f1903dd50f2a8c1efc5188b

SHA512
a6630da0b23dfe31cc5c330212c61ca005a603f57bc4caaf9ddbd6f6ed839319c91d34e9d0208b63b87b2f9d673853b55c6fff770e593f31f009e92df495fd6a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
61a87ad193b9ecd68cbfc6cdedf62d24

SHA1
3e81d315bc0eeb29ed94c4a8dde3178d41759731

SHA256
30cdacc42b898eb972ae053e3baef2e10a0769c3d4275665fd9e4fbb3467b1de

SHA512
bba032d5d7c35a833acffac82438f12926db3f59c41032c5da58dc1b9af0306edd5038434c15b15886f19d985f474afbc2868f4cd954960f3ce2c6be0c507c9a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
734044030f17f058f8f71653e1c31318

SHA1
288a036db5c8e530087c837206ca6f6376e816b0

SHA256
ceed222132e5303a413dabf41d2280bbfeb7504c06b8d7dbae7a10ed9c3b269c

SHA512
771992a48271892135c7414f20cf9214b6e646dd41b6970fc944b28a770775ad1b8bb1a09c21f0ec399affbc8230dbf8527f1550f4d7146f229ca544223cf2f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
83e0ec42de330e7708ff458d8a13636a

SHA1
456aa3b5738e71321ce5a3d31c506789b330919d

SHA256
b81901d0a0e0c72d989d970fc79df9ee9e78b59774568db08fcb03826e030591

SHA512
854fe1abefef5e472e24a7dfb6d016290db4ab5196a16f2a846ffcaa37f17b4618cc53092d4a876aa75ef602039eb5b3b5e9e57b99ec1ff9c8dc36d0dd6b1b67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
565f8c0c72f41d49595c71173611ae07

SHA1
9c98f7a359f1b16c92c3d0b1ecfe5a162472d7ce

SHA256
cd40010ce597f82402402a6290928b390bb22a7d8bf58f536cc5b0ad70c7971f

SHA512
dca7029df37cdd9c1e3fe07b8c0e6800d4ad53e5444a2a1ff58cf4ab86c4f0caa628f0bd61b060bab5363c3950681a88a2417745a0f73617edd2ad6991cecfe7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4752200210cfed3f40f655284958be58

SHA1
01c15c7810b9c7a0b648ff8e7e465170387b6f97

SHA256
5de80141f4191f9e91081972bcfa9c767298f8bcde830964a0087eb32121d2f3

SHA512
e4022b77234a5ae0b9fdbc3fd8a0d7f41788d4cb0d0dd2ac8126d678797854a4177881a1ac98b1a7c21d986ffb4e7cfff386172208252e4db396e82b451baf62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
367d95b823153cf58f8c3397a793c669

SHA1
128a53c7e8a7bc301933dd08f0e1ff304d892cb9

SHA256
2e3468115b494f8fb43343d64b609501fcea3fd468734ff01d248ee7b8ef1a5d

SHA512
3a1f053270a6ccaaaedc4639d2c2685aa288cfb35a16aea2f2b3d881bdf1924249fb951b005d6afb2f51512dd0d721449bcaa7b77646553f62f553a28cc12efe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
6ee7e8385ab951e40de5af0737eacfae

SHA1
c9b140fa516b9fbbe2e3584f11175134b0655a2a

SHA256
5693e82097785622e2bfd30cdc17df3e3597f185d21a68a9f2b1eb5b50021c5b

SHA512
cd96cb43ef733ae918b3887bef172e03b9c5f25ba84e1afa2d883dcafb4398353d66f4fd818106179931c76eb134119d20b98ff09d616df48e730ffdc410c1fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\32b8888e-2d16-435f-9e33-99edab9618e4\index-dir\the-real-index

Filesize
2KB

MD5
f079bdb06f0e9a8863ff5e7b7f049afb

SHA1
c16ffdfcb8895207ddcd73dcb7ab2773cba54370

SHA256
86717e70f2b898f1b1ff7e0a43266ffb85612bc800afbba0423036eb3f44c38d

SHA512
c3c9d7a6697359ce87d94e04deb5f4cff6ea1ca53b236dfa24cad9a8c11e2d10560936d97b6f3326536cb6c706db5355a701a3d631d6f063055efade2a088398

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\32b8888e-2d16-435f-9e33-99edab9618e4\index-dir\the-real-index~RFe5a128f.TMP

Filesize
48B

MD5
8a635a480a86bc1979fb6a9fabab8ddc

SHA1
5ca992e75fb164ab4cc8d0b60861c0df0fc5ccbd

SHA256
ed6d41dd88bb50612581739bd6ce332f49a3e97ed7de041ef5f424a4cf08d2b1

SHA512
40f1a189b87cc81ec7e16b6ed19caad1634e4f21424331167b1fcc50e366b4b0ef57769817f263057af13bb435874b05dbbe5b1abdf5827a4fb048b9b86ced13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\56395118f38dbd30_0

Filesize
8KB

MD5
087cbae96ca685bdcf2469647236de72

SHA1
f08d70217f6ec7e19a90926da7c5caadd8ce0f1e

SHA256
70e8a372397b665bf007a02bbeb5c3e6be382a6eaaef40de4d732582c36c7fda

SHA512
d127e048e7de9898488e981867468ee67fafd9639cfad365e1d11b916f33e7d5836588b1041b335791f035dd9dec61ea7ba8083adc4f499a87b667d2cf7d2987

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\56395118f38dbd30_1

Filesize
14KB

MD5
e902128061b713a2173fdbeefc6a001e

SHA1
b0cf286d5e0f624d73383225fd8ee795fa5dd566

SHA256
b8a2bceb3fe8cb9dc0dfc512a2b47ff563c43b247ebbf67e1c66ef5c25512caf

SHA512
f6d79297a6874ffddd2e14e7e2705e781953375459812c84efcd3360c500af0050bbc6363939c6d69ccf3f3f8b14aafcc3cc647ff3dfaea0f28dc44fd350ab3d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\655ef16afe9cd2cd_0

Filesize
2KB

MD5
5fb282fd7b021d7d58ec3194abeca6fd

SHA1
93327820c529802404985b2a57774ba84df3de86

SHA256
114a719e1ac2fe3839b19d2f38b6dfb314902be77dc521e2e470bd28f252a0bb

SHA512
9a1b263ec152e19e60d659a6bf2caa3ee9e1fc911d4a0d118556d79628bd7e9ebb28ea0d8458d5143980e03b7878d237b8f1c184247e7fccadd32ea285f9322a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\6bc6ee08c857c1a2_0

Filesize
2.4MB

MD5
2be54c094f5eefe63d65e4352aa3ea8c

SHA1
e3148b3cd6c10557ca9ec34013781a2a16a93dad

SHA256
aa99b1b38ff17d5e45307a6315265b75f02241a46db616d6c0264ec00d6872a5

SHA512
fc5884c39bc67034b9a045d68a1f67b14c6b72ff7ea9658ddcc37e076b941fbaf9a810857896aab6bc8e3d19b451c1b0c1adbd10a0febbd29ab63a53d84639e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\72a5fc436edcd339_0

Filesize
2.4MB

MD5
2047bb4033ada89ec7c56f6dff17c796

SHA1
9ab9e97f53cd32912e0d00012232cacfbbe509fd

SHA256
1d5fb9256fd8514d0dbddd436aba52bbe50330b225a9b3c4c50344f04d4f7fe4

SHA512
3366992d1f2f2c8fd27b711eb7fe1565231d9d4e9d97ef9fc245e191f6b198af737a1d9c356d48133874cfe0721a81e77d3cd2bafb7d2b07489f9a97b4f0138a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\72a5fc436edcd339_1

Filesize
4.6MB

MD5
f311d839b5a4d13fd236c017d5f7954d

SHA1
12204ef9c4e2fac3edd561c45b494748ac9897ac

SHA256
0378c27712e404a651aa32730540e9de9f1f47e786fbb4ec5817a487e4d96d30

SHA512
4025427b97c33ddd571766eaac3e5c740859c95829c8ebb2e276a891841d66a790931058f795a612ccdfc515deee9a977ca732cd57d960e9e5d0092f605d95fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\736cc1df3e38e647_0

Filesize
5KB

MD5
c33a7efb74696fb684703a8371fbff35

SHA1
e5af3ea1905bdce97ebc3e542857c0ec00e09bac

SHA256
ae2dc7ac481abf84055b7aa3cff94af2ef02d6dae1392d2cd64125618ca2c250

SHA512
67b04c28e80065ae14b7374294bf73f8973ccfbebf9c01a308da29dfc1db5556ae021386d6cd311361b8a08a0007aae0862b8f9f3d77ed688a151391ff001a95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\75a8fc72fe80fa09_0

Filesize
391KB

MD5
0214df4ac902f86246d1bf5e6ea05019

SHA1
32820506d3f60bf1647930a79e64b17e7d22ab9d

SHA256
b9214726fad1b529c3571ff211273a79d86297e8a6f70415d748aa85ee68ac5b

SHA512
3c53ddcbe40c0667ce14c9adcb4035280dd195661901ffd55acb5a706fbe6da075a50afa9cf14134a6d1a8b5d1cb60a3b305de2d29b1de909f14cdfc70277b4f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\9c9ccc32e4541f1c_0

Filesize
1KB

MD5
2b6242279f6958772fb43d41e335cb21

SHA1
472b434742aa5a8c8655954c710242947ef3bf0d

SHA256
af7a551967333f9b77ed9d31b5c441fa3be5f16d35ac07e820254e6e384833ef

SHA512
90dddb1b143a0299f9bd826ab33dcf07e4299e43a85a473fc76b562cacad2ed15ba12e438e288ff29d22643a66bd393ab71bb6d094ec4df518b320c1255c2d10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\ae53f6723700fd6b_0

Filesize
159KB

MD5
5878de2b34916021413d13348fc10402

SHA1
eed6065ad3419ff032007b593f69d2052ee693a6

SHA256
69e73399c4e504ce62138949364a8480114a93c77eb04671f82d6717a92ce30d

SHA512
867d449ef86f48ffc711329c185b6c20cc8669b403cbe76ea2337fd09f9d7ddf243418dcf8345d2007c69fb7db3ce7075422c38ce0b3198bd9ba1c6f7f9ee082

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\ae53f6723700fd6b_1

Filesize
311KB

MD5
36d21b4a7832b9a2ae817f4e7a1b4474

SHA1
01b555a17418b92abefaed3704defa1c5811d53b

SHA256
8931c234db4b8f83a44f795f6fee7f87c3fa08a69c00316ee5ea5cafc52a376f

SHA512
3eb5dba1a0af77a5ef2fd5db66909a2f1b6c56f41c84cdfa07a92f2c2605afdc5e0e2be8de2787490563460cb09df448d62b827951683279fe68a37faa585ef2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\d7b4a82952fb8702_0

Filesize
9KB

MD5
4ff75b0777048548350a6a2fdabfb87a

SHA1
c6fc31ad312ca94cd0e7f7158ebe007ad4b82df1

SHA256
80ccf5f2aa647796609961c240ea82a29853ad883dc166098f1fca995a07afec

SHA512
b822b5b7678d67a792185286e9470d9483751c7a0a3e7060629d50fe74dcb5c3d85b0924263a1980a07d1e0f3e886642aecb4486b5fba2e6ce440a25ac80591a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\e37ea5c53f6059d0_0

Filesize
119KB

MD5
3854aa7420300c4b0d42cee2d0a56537

SHA1
f71c1f28b80161580f7cd4ea1cd7609b339e6207

SHA256
c983eb51c22fb83ba6259ac6be92b18e3a780d4045f8a9c851087b402d2b98d8

SHA512
c69171f1ac0dc8452b691456f7fba8db279e71d429cbad26d63b1707bcaa323e734542eef068304f3accd018e62f448ea9dc42ce6e91ec6d7b87d1e76d97bd79

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\e37ea5c53f6059d0_1

Filesize
271KB

MD5
cc6fccf47d95910394c29ee31126e63d

SHA1
857b571e38fd3aeebdd16535b4f5e388db03a3a1

SHA256
52dac6f8908b62a5e5f595a465438a0221216817a5ffc7681ae6217dfb206ae0

SHA512
15fc5711f5cc1c85d6047ca77eb11823ae12bdc398396e6c9c5a304a4e29717bd6818dcb45a7f135b0571b1c08924ff695e2e5996504755cfb20038e5a52b19e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\index-dir\the-real-index

Filesize
624B

MD5
351d2e6b1ea08dc446cc83d15f1f1938

SHA1
8f0f7487735c7628c15c3b41ceed7a2500f3174b

SHA256
8d65a10e52a4f99c6b84f24c976d8c4a61ccb93ce8dbe62ab6c44efb832f404c

SHA512
927126e8fb2e1cdc2de1a944ef15d9fa410d56c3021e40d4bbac15e6cc00e95028029868e1925f93514d67c75c055110a4a6eb7c41b4e851a67a6409b6397e6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\index-dir\the-real-index

Filesize
624B

MD5
48e16aa471e66c5e991785aab9633148

SHA1
b8f72b10c9e93426442c7d80bbb04f8323919291

SHA256
7e7e0d79f728844e2a489aff77f424c5f73435320f4a2cc9f65d43cfc981014f

SHA512
35996d91e9c588ccf5545f965f8bd1fe74f431dbbd0a3e7fbd4a973a98460bf09cbe7ffca4a603f37c9f3605782d6bcafd7b6e56efd1b14bc4f1edddce5e940c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ad7b791-b7d4-4a43-890e-914f37472786\index-dir\the-real-index~RFe5a6e8a.TMP

Filesize
48B

MD5
5b500ce3c8b90eea125e43b17690c9a8

SHA1
3af60115d0bd5264fc5c4097e6ce37944ae3dad4

SHA256
275ac999e365961fc775aa86ba982b2e91e0dd50266130a291e08216b523fae2

SHA512
7fcdf8c9a60ba46c7254a2558ff88f957b3bb14b5544a748356b41cf916d78298375f47796cde591cd1b6b17779dac1a0e706f14e3b133dda040ab7c8ac5bba5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ceeedfb7-e70b-4811-89f6-f8be7f1c235a\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ceeedfb7-e70b-4811-89f6-f8be7f1c235a\index-dir\the-real-index

Filesize
2KB

MD5
2debbcca15ae5df2409528c9a1b0c7ba

SHA1
9feb3c378c3e7211093714356dedd104a4b2dac5

SHA256
f1ed284e4c7ab387340e1f0b9b1a2343477acb2c69e302f6a8fe69bf9453869c

SHA512
e2909518d65962dce5db2a29e560d7eb09a161581836e1d86bdb44115d82ac44b5748dff4aac85ed52e9882e9cd10b328c134346e6a7d12ad32f00e71ce070e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ceeedfb7-e70b-4811-89f6-f8be7f1c235a\index-dir\the-real-index~RFe5abe31.TMP

Filesize
48B

MD5
b52ead0282ec022ddcd6189a85703b14

SHA1
c92f5e88d98a02af83e0fb7e93513676c2d83d06

SHA256
1d091759467aafcb44249e6773ea78282a7e007b65d932e666f03e91eb443c4a

SHA512
14f58c725a0bbebc739a3318151a31be5117ecb2025a6bc90b84fc413b57b407178e4ecc3f6d0724fb81bbce5678047efd3831f5de6d2fc8cf96a1afa1552bb2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
146B

MD5
56457e75b56657e36d22db815937379d

SHA1
7634b47d37546f6123670b60efd3df6250b55f3a

SHA256
d54c770c53d7d881bbed463c5f795d1f3fcb31104e3594c999b7ef3784a24cfa

SHA512
9ca1309b7ce0f673991984e9ae514d66508cfe005ebcb30ad221b0b8f46d40fc58225a0dd75db5927fceb6efc93ccff8c7f744bbed3f2c11668e3e5b15c7a681

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
89B

MD5
2de38229d17f829de9a70fd2138edee7

SHA1
a0f40dfad841bbefee6def1a35bacb370f483999

SHA256
0640e12ba12240f4fd76ccda316ceaaa2b161e9505101436a41571b5fa7b055e

SHA512
de42efe0b42cfc7b94fb08784088e9b9e66ae881e7186fac7513827a6cecf82f98fd1f95b8ae5978e4f8f7d8b80ffb9c2c73e46da8fc36794708add3bd51fb12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
82B

MD5
c323483236f3fd11538515689ce5fd9a

SHA1
1e1c9d308e824aa45866bd97c39d8ce9b92b9dda

SHA256
c3cadbba4de99ec1764d9a91b60e2bc221d18d5105f98a7052d55d5911cf82d9

SHA512
0a1b912d5f320daca0a54395136da2141fc139106e9bc763b20f52ba51bb364a145b70a417f91cbea05cbb8651ae62a90714a044ee090ed4dd8afe3636e13565

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
82B

MD5
e3cc6efd636a2c9b5606d2afd5db2b6d

SHA1
9b43d45b7cef5cd7ccd602bd7ed2786e60658af5

SHA256
d0e4db5be4bfcb3a60582ed40d41433fef2d674295c511b888e3bb28713e5817

SHA512
afb9338ec374fd0fcc095e98d3430d98ed0655d52ed3b7675ff362020250e37f5458ed85f93496c35bda8857515faac59d2aa3af35c25fb1ad160f09b0766df7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
146B

MD5
0cd9823cd5d6d1cc7ad1c6c21ee62f37

SHA1
46d42ce78e8356eba14f07c8e170f1c2b1e40850

SHA256
9395ac648e294cea5dfbcf8b6fad31ad5a5c1e9428b1a504d018a6477dc75eaa

SHA512
d63c00d7902102cd99348e3d93dcce8560c98bfdf0089a430786a20374ae5f9a7868dedbc99d30c18789ae90d5c60d933ef99ac73b2a5e4aa5a3e8c9a34072fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
217B

MD5
04aa13d3c1d1a8a885ff6621a1ac900f

SHA1
20a609b14cbbe586a16741008466cca003420c10

SHA256
d9d4446e2f463ed2a8824acc86653ee3cfca44d4cffac9cbdde4da5ad82f0341

SHA512
d034f437ba51aa9d4403f7d84a2a5791f77c5a63356b868ce5855399f7d9ff2370548d33b24d04aadeb3b7f350e012fd84da26862460a13e735893fb6c02fd34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
153B

MD5
5975c737172b78b4ce553e1df45e9786

SHA1
b5cf413b58850d77c56967f6d852488adabaf177

SHA256
ea51daacbd6a7db20df536f696634dd1e27faf77df227b438df71c95466ddf0a

SHA512
c89d6ea3c56f4e2a1ef7da0b662887c5f8e662110aab7bd130f89339ac82798ef6548635146a9c6cfb9354d173582cce581230caf00d8ef921b5af64c59ab480

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
156B

MD5
34d211759636f7edf020289682e8a5e8

SHA1
0fa1c42b165dc61cdf056f172563d7fc62abd70b

SHA256
291128bc6427b1583e248a189f4c27ccf609c7fd7ce362fb620b9d7c675ffe6d

SHA512
72779294f12ee78095ac69c8fd6cc8f5235c6db592ebf9ccc570d2da03272bcec7b5e79b36850810038b106b5fa1e6de3011fd06648e64f293cc98c1676c7f06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
26B

MD5
2892eee3e20e19a9ba77be6913508a54

SHA1
7c4ef82faa28393c739c517d706ac6919a8ffc49

SHA256
4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2

SHA512
b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
217B

MD5
378d8dfcfa5bbca404120b5d5a676000

SHA1
45f832479748b4050cee4cf8012518613df6fe8c

SHA256
98081248b4e161ec4978019d4def1e1cf2d84f6d2d9ebbeb5b82b8a2529c1719

SHA512
c2adb9e5ae8144391c09369d5b427f1db31b5b7bd2888fef4af390a984fd72cad3369dc666d97551cebea0652a208fe1f199e7e1a0f91faefbeffa7ef85cac10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
153B

MD5
f345b767b741523f4bcc17602ccc3d07

SHA1
b9561e222f775c3ee93e86e6eecb84a7421e8cfe

SHA256
7a0dadee265ec025d19e2e85f02afd6ce14c069a9f062ba898cf0b3ef8acd98a

SHA512
f4c3c4acb17c9efd38dbb5d011131bc8db7993415fa6719efdaae7835014b0fd5bed942fba35ed0ef41bcdf6d79b88a946c13d80e87c57f9645513cef5f6ae9e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe59f96a.TMP

Filesize
89B

MD5
a83bbaa38072d7861c94796106198ad6

SHA1
98e80fcc046434e558b2102a01a8735bcae32a86

SHA256
63aaa4385ea7a0af171006b58de55cb70e5b7ca495852dc0715a5e03422988a1

SHA512
7d444da09fc4d5ef985b8f62958c0e092780a885ba6f1a33ee6d5bc6b91670d947c60f7b6dde7fcc83616e1d0d7bdce36fa8347d1f7e8ba544ed96dbaa8ca9d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
a704ff1f80e5fccb536997b7c3389da6

SHA1
c886e8213d577e8c51bdf28a0281c2335d7f9940

SHA256
05507310a7f8602a4238f9d872a856bb352a59eea86ba93035526fa7c31b1a2a

SHA512
e1ad2ec87ac4447bae8e2d9990eb91f18317271a111142af6048b8d2066a31a47f0f5ee43239209f007a5038f69713308bebe91be77a501541c955f8e388f6f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
e2c4e926aefca5d624f4971e831cff85

SHA1
ea5de5c36b9821c7d8740d44cad5b78b9c9ebcaf

SHA256
e1a61f635f6681faddd09388eb3dee928ef8998a70b6553f4ca35048b1ad3f4c

SHA512
057ae71ad59b87dda1a48f8f7a330b6bdb143f8c233d47b410466da8eca6ff72ecb23beb7cba6f9fa703f940a95b4442867948f050cc91136900fadaa3a1cd8c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
078c1e0e427de46ac451b9b1cbcd640f

SHA1
d940bbe5582fd018ab1749bf5a74eb7f4ebc8478

SHA256
1188d4c478d9e50eb950a7d56eb3c1156c69cdae1b06179c4ebecaa78f64aef9

SHA512
fb8e6b87b4000dcdbc4638c9a987c3a84af47e5c22b47ed959e6a48346d5edf08456805f487082a4d974388402340543ea069d4d10f27e67b2f0b81922f2755c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe598a93.TMP

Filesize
48B

MD5
75ae6e679699ef974308b14c58b51e02

SHA1
a1bd1d05d499a622e9741a5fe092fc2c603252f5

SHA256
85b94cec324f05256dad1a2911726db7fb3d4204aa957f7b9708abd88deae6f5

SHA512
0a4379d2b4b5f609db166152b598ec4be87967116c86a9eaf590bb6129e95b4b0bcb587dfa0d617cd59a011e174edc79bce5c1a0211f0e75493231903a36cbac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
55e439493dfabdcec9a1bbdbb3c775cd

SHA1
23b5d608fd095c45ae3f1afa2157eb75e93c6b59

SHA256
21d2b4827976bad7d687f696513c3042bcacecddb8e314ea58ff9701c8ad1518

SHA512
2e7b1ed730498f696ab35b7e0bdab36d2bdf83dbe5258ba8b7b4e7e4109910725a1502ff2cdc166287408fd227f07bc49dfdb362f61f4a1efa4f86801b1e46f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
ddd425b6e004f13a41527c29397e010b

SHA1
608557dc24cdf8cbd3ca4a39027c0af551f25b05

SHA256
626b81cd015089b2554276908730b74497df507dcb70411230ec55642eedfa06

SHA512
b667b5f35b4e2e67aea6fdfd24322519eb1d5d0a19c400a660150cff3fcd35b5350cc5b758eaf8d4bf67be0a77ecec1207c768fe0e19203df3b010d0603ab25f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
79b5aa42c5dae5cc384d77146f3e82fe

SHA1
a2faf3f0be12d44bf6a7dc748d96022bee2d3184

SHA256
14889057b0204eb23ad6ae55b4538d8465e04c0f94f0c076c74e5b63876fa478

SHA512
80bca71c37198ab8f0f16ab266c06d5e2b1121b79a3119d1bff24e08c0cfa86e8830ae549b0a66c988b70026d1f12445706019b7d1e33bfc8edba80317a0e3fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
6c163a92374ab7d3b3b9563f4ae1336f

SHA1
33b8a40390bc706db2d8ca89768294ea3f6f9f61

SHA256
467ea5604ff89fa881166a5c02c492b0d98fa52369e7f848000ec5746653f688

SHA512
c2835111dd97f1a26b161d9d43a0ca93408f3890d0ff562cc5a82430971e34fd875811346d6dd343eacd4fa3df1622d1fc820c7a88e9f31e1b7e3b1cbf24773d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
a55899b5e380b3045446a4aff0e96d96

SHA1
85fd8ec4152aff92baa26fd026a16b8f68d8e4a0

SHA256
92558e6e99d17367be6fdffd16fe85284c2bc353cc6a6b869c4610254fa5610e

SHA512
119ee817f7cab495146fbf2ecc71db5c9316ecba50c464c60848f8a8f25e6d1e8986246ca716708d30d42a4869cf60d12196ac0a7c380041eec53b61b0dcfc47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
9faac1d333c21f032b0f9ec486d12c67

SHA1
9479bbd32792e4d2a41b471fb2f8f5439a42f3ce

SHA256
915e4ff4809954a9a1a44fa3a38d44fd85525c7bb5070b6f365e4d456f97126c

SHA512
64f06d46bda1bbc2c737575d4516974596fce3f57df274546538f045740a629c4aa9cb9cd032e6437d23d90166c23b63f128322e003b28e01a247b18d01ce740

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
c163dadeea5bbf933816306928eece27

SHA1
3e7bb3d4af692de55ec91a1f4dd21c4a2935a9f2

SHA256
46036c6cc46d8fa11898889a19abf0350873cc4ed4643f3c923a93bf237521e2

SHA512
f1ae034f8555abb28e6c48f9135daa33d3831c08e2ae91092551642e4067c2427c5ab94065b6b9b24af7d681d1c29d1aa7a9f9e8f6c5e04224d4ee22adfb3e18

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe596a88.TMP

Filesize
1KB

MD5
2c44e0ccde263e54747be83d62b7cbdf

SHA1
f70774f0edb0b89d3b880e077a960be117e8382a

SHA256
e0b976da93012b7724f0967d2e4eb0b4052003c8155e55378a64ab292afb5186

SHA512
b628fc2e95a3bacfddd5de45a6182071ec1d253df78f35b5986c783b7026f1bc47751da72b9cbba83c11da0752be16e6455220706b44b259e592adb7180eaa6a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
03d5ac106c714c74b310a32537e29429

SHA1
b6018fa0a37580e703193fb5e029227e8ba146b9

SHA256
b01df6c825bcc116f6aa99238f183029f0b4245f41af579633ff51c686afb9e5

SHA512
3dd973462d4002b96737faf4c2141d816bffd5d7863f3d9625f081231f6eed153f7c053054b66cc578aa10b89c7add884a159b4a353776cf291a1b0b6731541b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
81bdecf482d9a8309b75b016e86d08ad

SHA1
cfbc3be92d56464e07bc19a7b44af7075f39f439

SHA256
cb303c844f684cc41ed1d22acea5c28fd00b3d0aff7d7d21550d0182ba17101e

SHA512
e6567667e8ca0ad9cb11aa415614909da57306f0f0797fd4b0ea8791cdb6c3f923940e11638209a507ddaf9649bb0af0eb38f55016197c3e8893143b6d6e3584

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
e22b81a9426ae654f9b3bf6dd06856e9

SHA1
90ea98ba0cacc746048a4638fba9e337a435c8a1

SHA256
5b94da251b86a9c4fd90cffe49e8a8d04a90b0d5d9d130e5322b1b6e17fb42e4

SHA512
287a69b9bc578ba2523ad1e47aaa33b4e88cfff86e23f0713bbc2caddf299b1a32b7d4d251dae3ec7d1fe0ee18f432985046a39e2d94038700117e4c55c60b9e

Download Submit
C:\Users\Admin\AppData\Local\Temp\6c03ab14-439e-409f-8545-345a495b95e4.tmp

Filesize
132KB

MD5
da75bb05d10acc967eecaac040d3d733

SHA1
95c08e067df713af8992db113f7e9aec84f17181

SHA256
33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2

SHA512
56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4636_1063372365\CRX_INSTALL\_locales\en_CA\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit