961c58e8acfb2e8e79defdc4bca76cca7a1b35093cff40de257c0ad936ccd7c4

Resubmissions

20-11-2024 19:12

241120-xwpnes1qcy 8

20-11-2024 19:03

241120-xqcfxawlhp 10

20-11-2024 19:00

241120-xnpy8a1pb1 6

Analysis

max time kernel
1049s
max time network
1056s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
20-11-2024 19:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

18KB
MD5

eb13fcb8e05c49d2125a5d253d88c87d
SHA1

db5ba1b0b0c111c9946666f800bbd83d1cd20c95
SHA256

961c58e8acfb2e8e79defdc4bca76cca7a1b35093cff40de257c0ad936ccd7c4
SHA512

e562afa3f750e517ab9651d5e52a3c0c6948e3f38d63eb6e5e308060503d7e404bb598e621846ccd205283e1df473e5c0f76fcfa4724e8b577824c22406d0a2f
SSDEEP

384:wjn1ocy4OoJ4lbGa/MvhpNFgDR9CRlObz6r0sZuL2fN1xCejiw:wjn1ocy4OoCEaEJpNKDJbz6r0sZuLULn

Score

6^/10

steam discovery motw phishing

Malware Config

Signatures

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs
phishing motw

Processes:

flow ioc

305 https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html
Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

flow	ioc
305	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedge.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

Processes:

msedge.exemsedge.exeidentity_helper.exemsedge.exe

pid	process
448	msedge.exe
448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4092	identity_helper.exe
4092	identity_helper.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe
4512	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 59 IoCs

Processes:

msedge.exe

pid	process
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe

Suspicious use of FindShellTrayWindow 41 IoCs

Processes:

msedge.exe

pid	process
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe

Suspicious use of SendNotifyMessage 40 IoCs

Processes:

msedge.exe

pid	process
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe
4448	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

msedge.exe

description	pid	process	target process
PID 4448 wrote to memory of 2596	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 2596	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 1380	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 448	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 448	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe
PID 4448 wrote to memory of 3064	4448	msedge.exe	msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd774046f8,0x7ffd77404708,0x7ffd77404718
  2⤵
  PID:2596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
  2⤵
  PID:1380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8
  2⤵
  PID:3064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:2096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:3032
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 /prefetch:8
  2⤵
  PID:1052
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:2700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
  2⤵
  PID:4384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
  2⤵
  PID:2372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
  2⤵
  PID:4152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5968 /prefetch:1
  2⤵
  PID:1480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
  2⤵
  PID:3952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5436 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4204 /prefetch:1
  2⤵
  PID:1948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
  2⤵
  PID:1096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2144 /prefetch:1
  2⤵
  PID:2604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
  2⤵
  PID:1484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
  2⤵
  PID:2068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1
  2⤵
  PID:2484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3520 /prefetch:1
  2⤵
  PID:3812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6224 /prefetch:1
  2⤵
  PID:1224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6388 /prefetch:1
  2⤵
  PID:2360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1
  2⤵
  PID:512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3532 /prefetch:1
  2⤵
  PID:2344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2636 /prefetch:1
  2⤵
  PID:2652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:1
  2⤵
  PID:972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6984 /prefetch:1
  2⤵
  PID:3588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6972 /prefetch:1
  2⤵
  PID:3928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7204 /prefetch:1
  2⤵
  PID:1756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3964 /prefetch:1
  2⤵
  PID:3592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7652 /prefetch:1
  2⤵
  PID:1768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7676 /prefetch:1
  2⤵
  PID:1512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7684 /prefetch:1
  2⤵
  PID:4376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7592 /prefetch:1
  2⤵
  PID:4252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8124 /prefetch:1
  2⤵
  PID:4968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8000 /prefetch:1
  2⤵
  PID:5312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7076 /prefetch:1
  2⤵
  PID:5460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7240 /prefetch:1
  2⤵
  PID:5472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8668 /prefetch:1
  2⤵
  PID:5480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7412 /prefetch:1
  2⤵
  PID:5228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6360 /prefetch:1
  2⤵
  PID:5496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6388 /prefetch:8
  2⤵
  PID:2332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7108 /prefetch:1
  2⤵
  PID:5464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8148 /prefetch:1
  2⤵
  PID:3452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6976 /prefetch:1
  2⤵
  PID:4076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8076 /prefetch:1
  2⤵
  PID:5128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7028 /prefetch:1
  2⤵
  PID:1048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7408 /prefetch:1
  2⤵
  PID:1768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8220 /prefetch:1
  2⤵
  PID:5412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3932 /prefetch:1
  2⤵
  PID:744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9232 /prefetch:1
  2⤵
  PID:5024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7764 /prefetch:1
  2⤵
  PID:4348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9252 /prefetch:1
  2⤵
  PID:2428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9032 /prefetch:1
  2⤵
  PID:684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9436 /prefetch:1
  2⤵
  PID:1128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9484 /prefetch:1
  2⤵
  PID:1536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6556 /prefetch:1
  2⤵
  PID:4356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8112 /prefetch:1
  2⤵
  PID:5608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
  2⤵
  PID:5180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9792 /prefetch:1
  2⤵
  PID:5728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9796 /prefetch:1
  2⤵
  PID:1384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8228 /prefetch:1
  2⤵
  PID:5896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1432 /prefetch:1
  2⤵
  PID:4152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
  2⤵
  PID:680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,8157383523990316343,3811146805398646141,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1692 /prefetch:1
  2⤵
  PID:3020

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:232

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5068

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f4 0x4fc
1⤵
PID:8

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5764

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b8880802fc2bb880a7a869faa01315b0

SHA1
51d1a3fa2c272f094515675d82150bfce08ee8d3

SHA256
467b8cd4aacac66557712f9843023dcedefcc26efc746f3e44157bc8dac73812

SHA512
e1c6dba2579357ba70de58968b167d2c529534d24bff70568144270c48ac18a48ee2af2d58d78ae741e5a36958fa78a57955bd2456f1df00b781fc1002e123d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ba6ef346187b40694d493da98d5da979

SHA1
643c15bec043f8673943885199bb06cd1652ee37

SHA256
d86eec91f295dfda8ed1c5fa99de426f2fe359282c7ebf67e3a40be739475d73

SHA512
2e6cc97330be8868d4b9c53be7e12c558f6eb1ac2c4080a611ba6c43561d0c5bb4791b8a11a8c2371599f0ba73ed1d9a7a2ea6dee2ae6a080f1912e0cb1f656c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\99f513e6-40b9-4790-9a16-c742e6b2e537.tmp

Filesize
14KB

MD5
46e2d843c461711c83090355931236fe

SHA1
0650b32e19f4f5b2a3db9fb2b915d32d9a408e5f

SHA256
78878d8ab7b862877451d6590f820a76aefb57902401f5d979ac9b5965cd67f2

SHA512
528442958d55bb86e644f22d935bcb41774a79d7c6afdfc28c3549f0e7a9fabce2df44482af9f1a2b0098c49f3854b8168a68ebb0c9fe712c42dca8dca1a913b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000068

Filesize
1024KB

MD5
221c0ebfabbf25d17dfc93f0feb58301

SHA1
4fb2f8b762dec7726d14b30e92c36961ed2cf642

SHA256
953172ce5be21e5c6fc50affc8a45a75abb73acf35deb370c504ee3dfd625468

SHA512
335fc7464b736b6e7fdbf6002e4a40d476ff48ec905593187b3c0555675acdb61c28f65dde6756f11020dd4bf6ae82466f3e3a7e0ec2a1a24e9e8feea129824a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006c

Filesize
1024KB

MD5
bd55c9bb7f034d72902e117f70d47d1d

SHA1
b1ced28eff74ea0bd7457f9d56b4286d550338ad

SHA256
bc9152c4d84570acb29d31304a930cdb23ac0f46f0472b1b792f0ebfecbe0c9c

SHA512
a2c9acf0972706432eb44eca13cb472e9c10d45a5e39bf5ca3308fa4f57e9a9055098154924f52f93d090bde5ba2e22587c3cf0c790ad1b26d74760fc6c1ddaf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000076

Filesize
1024KB

MD5
d3ba5753e0f9545769274673bec68f91

SHA1
daff9faaee8047a7698de9491f42ca2336901185

SHA256
40828e2f4d944acf6e3215affa6bc360bc5c5487eed567a097c9c398ae7e22a6

SHA512
e4c6ce880f6e2c33901d628a8f544e91ce3b0ba9d292e2845d81d36a07fae812bf06c92cbcd2242bad95dc946518eba6d3c3c53e39d1e810e5f314a413f439dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000085

Filesize
62KB

MD5
c0b6bb8bf06770448a0226486a3fa5c5

SHA1
11324fc181adb507aae8bd8f06018dd0980f4cf2

SHA256
51b8e76e663104d57b8772579bdd2803c2f0d92e9420f576729e0147d383530b

SHA512
4e47255d0cc444f87e367f61a245d83aacb82a911ca0045a25e3aa4ce9bd9c000a4e0d80092b57662cd3c054c3677c0848b5c23afb466ca9b70357ed27b7a097

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000089

Filesize
31KB

MD5
a4da976dde535a4f11ff4c9d57a8a56c

SHA1
fc4c29049db6d81135507dc3736cb638340f55aa

SHA256
6b85680498d0061e6b748f0fd9c904c74eb9f265f7d6ff6b33a37a0656164bf9

SHA512
e3db7eb080a2c927ec3a223d16d818cc76f9da51525a91b8eb3cc9e15106e2939ef6d550121b8cdf76d38c001971662d833d70a269ccf35d36278d25cf42aa18

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008d

Filesize
936KB

MD5
69405b84704967f712a92dc4dfb50a03

SHA1
ed52a5865958e9f43237749e6ba9023c169a66d7

SHA256
91e8b56f8d3bd115b6cc5c24525c7c29ae1175a184e861293631eb8263747b7d

SHA512
2daef5c7699ffd3c29771dd080aa2d03c495ebe08da2ec15abdef888c355117dffdcc4e1d920cdeb28c587bd2872a5b7776ed68ad79991829998cd0d67d99e5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000090

Filesize
1024KB

MD5
7a88fe6f62ab9217765ac728b9d153b8

SHA1
c08ac9f791f7b005cbfaa3f5dd32a6894416cadb

SHA256
01d41a5654f42ca8d65814357d613b4b687a3ea1fa5b4e7f2930e122885daa25

SHA512
cd52a59561ec9d6f801984e95f30d0ea46d09e5f7f05f8b50e5eb235c349fb7687e479b1088f4966dca9aad8396ed28ed64b27031f644b388e2cfa3bd394a738

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000091

Filesize
1024KB

MD5
e1c4ed8a9d3bb9e670678536d09c88f8

SHA1
49518e17ca6fc4233b9055af967877ff80a31baa

SHA256
5ac4593e432191edc39576ad5481c7af1b5c19fc9b18093690aa844af291aadf

SHA512
2ea2849bb31e7bb264469dc6a9f117302b09fda60d871742683d3efd41b759a33ac56c2ff0bef58e9adeedebc83356cc5bad1d68fbffd5eadc56133f51e5492d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000092

Filesize
1024KB

MD5
2c9f8625376ffa24af45bb20ef4cb4bc

SHA1
4d9435a08d9089d74eccb9ee140a1767bd5ec41a

SHA256
9de9b62f3bf587a7e05ceceba425d2c2228af61da071ef83d730894464484e34

SHA512
db79c24f107a991f7bfa92d6ad52bb30309153f570df83b65b685844a53b6dab6dc8084006a550e5e2f08d7d69ba4f04dac0f46d4cb9275b4d0b270245135c9e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000093

Filesize
1024KB

MD5
6b3357e0927884deae5472132a34bde4

SHA1
89b633ba7a8d25efd9df911cb3c034818f587f82

SHA256
af543f22a6ef4c13ee1afab4058756a440321838c56175723db81c3bba8d2674

SHA512
f7dffc6016b036d2b524a6c623737d45b934b4f457e47694f50042e71312616b7e24bf78654b09a4685573f83b5c50ff6203a5e0907b4a4d4bb9dc3efc8a0939

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ac

Filesize
18KB

MD5
8eff0b8045fd1959e117f85654ae7770

SHA1
227fee13ceb7c410b5c0bb8000258b6643cb6255

SHA256
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

SHA512
2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b7

Filesize
20KB

MD5
07d48d4d802ea435f3594fb0ed596d76

SHA1
c11825a738f1b936c4c9f5cb034bc17bafad1f26

SHA256
752cba7a6a549b4299a9da317adbe1caad861fa153524fb82a8d43eb917c9100

SHA512
3ff8e1be6a3f943bd0f3aab08cff71fbff838bb69d05c4114d38d45fb69ed075d4baad89573b045bc58c1f7020d9ea1349fee1172bdd5d64d261eaa0c454a51f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b9

Filesize
84KB

MD5
0ce4550d069deac99755b3307a9c1db1

SHA1
feb9f128c65d8d1168a0724aebaa4399cc177924

SHA256
d1db402a41f74a7fb185b6727e283caf9588e599d3a4d24d2c6415f646f8d379

SHA512
e1b7136dffd870fcd48fedce3b7be8ed27dd005ea58cc9ebfcff6d84d0ada65b2e0b60a3d34b8cca5294e0c4a680667c3cee3eed6291d581d84d07abb4ab3207

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ba

Filesize
151KB

MD5
0f31134987b19699ee4cd0aeb9071eb8

SHA1
fb922e4f7acacaaf82d18ff67f3edbb91f6bc32d

SHA256
06e28481014b8fd1a14aca11b356d3001bad5d467161793b3a13440717313a89

SHA512
02f8aaf584055393c15c291f2dea85f7a9f334df3d468e2b3ead674f3e12c754396b4694dc12e8a6c5ab51f89e47df1319b6682d87eccfadc76676e954a4e1e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bb

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bc

Filesize
137KB

MD5
75bb8cf0d0646c3098a0681eec9543b5

SHA1
dcfe7b88ab6fde6ac9d9f2b7f3e07b5106190795

SHA256
b1ad099bb624da25be65c6cf34e4dccbdcae2051157b39b105f8017bd0412d4c

SHA512
d64532b3359105076424c084c4edebdf199e80a4522f2b7e05574c4532ed1000255e82a2851bfb896f35eca454fc82efec9bf3cd85d283e1ebfa9136c5ebd0b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bf

Filesize
27KB

MD5
dc654d5da1a531fdb3b1bedb619b0182

SHA1
49d3de45bea7c279cf0ffe4cbc43c24779d1877a

SHA256
b395c195a5854253500b3b210e585ec801a47b49ce7b90fa5a9717df387598fa

SHA512
38952929cbf8e103cad50007cb492c93a7feb8d9d1853773883e2771cc97e50d6a514cb6347c912e7945d126a35677cca854ce8542e2210d7e59799238bae8fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
e66f24c7c6b33e7ebf9d72de66bac3aa

SHA1
f0533c36a4dbb6be80f0009fa1a9bd1f2453cb37

SHA256
fb2a00a47cecf13be31316995973be1ab05f8adb5190f967b456884c3a864d76

SHA512
f11387cad72c56fba7c118552c6b1096610314ddd347f4967c9947dbfd15fc8256c92dceb8a983f5ef170d3e8bdf3086c5ba29ffa6c471af343e60adc88b4a81

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
2d631fea49da6813dbac452544d97537

SHA1
ba197308b787ea79e488780720c9cfb546bf761e

SHA256
63fa6746f57434391ee649b101878c401fad7b5dd004adaa3773a25e587aa6d9

SHA512
da5de7bc9b1b4906bae8d6cba8a3eb93b76ae3547ed8724d5c29fcba55fa68c610c2f74ab999fef91be70d3315b27cfe7ebe75bcaab454e1aecc5b83300eaf8c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
e415bc78247f71a32311cc7545ded6b7

SHA1
2c59628b4ee5e1a9264d077d641c71b47ebaa1b0

SHA256
d1a03b9b4d9c2321b6121378ad5d6146b31c80be31f52e562d2d2e8b2f1d4fa7

SHA512
20d505b1042b62da6c4b1fddbd8e1027bf85a442f09d34a1fd1876f82b977aa02b0a47120536e7284096df08411c31296c1e9cb0fb6c2998dd0357e3e3a1811d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
36a7dae0aa794f1f6e2ccb8ab2bdd58e

SHA1
93f720cf18a6eb732a815866e761e6b94e9f8c20

SHA256
9cf12ce2297b0f981c20ac73f995e678011cc866c9457d6298fd7b60c68b8b9a

SHA512
482e009e7cfc587c95b1a0c00e216621498a1bf92f0103670cc3e3109bd8ed0180ee9481f775f4bcbcc3c029372f8344d391c94efb3aa268a0c1c4f944f0558c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_softoniclabs.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
17KB

MD5
39e98d257490ab3c17cafa4185989cef

SHA1
126e6e14fcf1cfce1cb155d6aba1499c0805517f

SHA256
13306ae65e71c12517cb0344d7e6019add30cc8f02c58ef5735472a2ad134e67

SHA512
07a431bf68339818f7b919c5627c2f4b5505a930bd2fe742f1bfd544c098ff857dbc4bce2530a0800c6c35229f31a83c37905f18f25577ae93bf8ad031b913bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
15KB

MD5
fb5ae45fbb43cb557ddebce950d3e86d

SHA1
9a71b8b08be1c3353deee97754a6535a7d551d13

SHA256
1b02f8fafa2d441c5edc36eeccd5508716cc7b01ac2d42912e1260a0c4a03d8f

SHA512
d54dd1bd49d387fa6d2cb143e41af7248275b4ebf6b2a845c7d86204b3f638e1c7eff9efe2f3740cbce5f17166fcab3b8156fa793bd3a1b15b12ce575f7fcc94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
15KB

MD5
cc70049a5d199cdb906a482306bbc2b4

SHA1
3dbc168e5164f35f437c9b9586f0322b52d605df

SHA256
d77d3c5a1f382d9d697b83b11c69913131a00d691b812a459b33fcc8d960c403

SHA512
6edb3540c1c9d7f72e413f8713af9a815fb9494a802f6bbc7da29c4fe913cbef95edfd282b0f3758edb34b36e8e02495dcf5331f41163b2bcac669726f07fbf0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2cbd658b694f8c2fcc2f68bc3392acf6

SHA1
eb40175d007a6315f4d0ea27ea2a5abb21c340ae

SHA256
ffc1c6fad8609fc2e13c5a21a08f889eac3933f2e5f032d06fcc7da9d1080246

SHA512
8d223f0f3baa3ec1d8186380a74e5a632c61ef40f31b036280778f3fe21d4bb3e23590389cdb22b2c7f78ec9f4cadb33f83db1efccd2f09dae9f515ef15ef5a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
61b5beb4b46fe3e2bdd69492fd49a87e

SHA1
94d79abd83d3b1babc613458b57496783436ad6b

SHA256
4ffd2f21c58b1d17f18b820ec3f416f305b3e239ed56c6207fcbf553cb3a9e54

SHA512
87bc5ac2e58080aede170615e76218a2170260b45efb4e2baef7510e9a53c2f078da739f0b89a295f6f4abb6824758c51bea1676284cdbbaca3d992f0780269d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
34b2dc388e582c6e4b54515fe7751303

SHA1
53efded04d3317f5ee1dd3ec560c33186baaae3a

SHA256
8adfded9df460d030116830b40d1fbcc8e8a494e2366a405f48ed99f36d242d3

SHA512
3eb1392eecfb787dd4a8062db206ede5844ca0c951da616bbe25ac47cf0dbdf549d6a88aa4f5888614ada0ca0dace2bce503a99d4b4c81efcfae58457c78750e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
885625100125e6b474fe0aa0184fa113

SHA1
8fb5f727c95ff1aaf45c63de8db859042e363dc8

SHA256
e3610d4a7ea8dae00de82a4ad6bc854cfd0deebd97419964f1ffd6a01b075d46

SHA512
a0861bd29d6bc92286411e52353f8d7186876ea3f7ed78d2588e947757be00a74eca8c2ae6267dc5cfbc56e7564ae767b6bccc7c9439516c326b5d59d504e69c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9b147a94092c4645c8f1d0fedb448665

SHA1
0bdbfef8021568aeb6112d614e8afdd3a37285af

SHA256
c21e8e270c48fb6db61a06438ef62879f515a026d6d933a719a044893a9726e5

SHA512
3cff1554623f298289e6f8d1aa079be498428e0f30d8fcd6f148ac3352ecf8fb804fc6a53245064c36290e1c30722e2f26620cd2bf84c4814c570ef227664683

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
f9345dcbd20d69e3a03e65836f0b3388

SHA1
1d64db7a4fa887290d4998a452a7a2c9a17e9400

SHA256
f40d2cf722cf1ce6bf4c01730272bd238457a9bb496824b78423f126240568dc

SHA512
940ec02715ef3113ca03c9c9c5042626fc86368f90a15df8bd64be33da03a58b389701cf3d38e274dd876b3bd2b0703f82d3f65862f55de3780d5ad8ccef942d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
89c64dacc92c7baf417ece52aa3046e1

SHA1
714d42f61400186177e64bb4b32cacd626d27f23

SHA256
14163170a3244bdd3fddd19ab73a162ab3c5d5b7ab3c42de9b3b9da95819aa3c

SHA512
a01c3f72d3edb4d79de88581186053da67e32c097b1c94dff4015ed2e620a64e66796df5eaf3e3bfc78612fa794d332795cacc3963f594b3484096497905957c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
5346888213ee0de4d6dc5598d8084327

SHA1
7811d234f50e54b00b463ce0e2e701d250e708ff

SHA256
22ad7bbfc95079a89ab19da4bb56e5fd5308046de3354735c99c63b3c16f9041

SHA512
d8147c8e51545b1f04b125fa01a5e038d787071df1807473b3191d1716c97a34dc9aa88e67343d970d34a64c41eb188624d23fe04656186789f810c8c97bd3e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
020288069fccfa44d907761cbf428475

SHA1
6b487a26388f72349afcb29f18ceb739463ed89e

SHA256
22bf5b3413ea6a448913c0cb9bc779a4d186e3e2ebab4d0b35c1bc3e555335d1

SHA512
c22011c5214f0343ae8a35f37e540ef9fe43187668e12d6bc5890d23719fcdd59b9d5d2a194ea0942170cc9748442fc8027d1575ee65bd899a84fce2ddd9078f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5a6284.TMP

Filesize
48B

MD5
3a4da731fcd34e96abf47e92dac1fd00

SHA1
087ad61be6454bd8d6b888dc93f24ca8ab362c23

SHA256
142ffea1bb3b4c1e17818652699e1d24a3f883e5195ea7ec41580680684d0b3d

SHA512
067e9fe14dd0b8263f6419e32e6684e2bd28c16a182b3a9ad1a16d8124cd4beea98f0773ae047499ac144ecf8de0f06f564be3ffd3e23ee4f021a17bc09ceb83

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
b0b71a4a7a554ea1fbd54cb00d0803ee

SHA1
96bd248df77c5a663bbfb37397314cf7d60136a0

SHA256
665f423962ca66211c413bf6c52e8e8c5074b263da2c3011bf6054cac8edd621

SHA512
ae58c491f8d103e999a341c7ce16d3b6bb673f520d86db7267cdef2ecea0006849cc74e0757323b7e047e1d8e764196790df1c507ea60619c2107d9af0f32d8b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
17eed89762128579d96768727cbf66a4

SHA1
4d851c76b7f3eba2c2de44ce630a355aa28815f2

SHA256
221461a53b676847f50903f41833c184f444e58c4b56f8cd044e729fcf7ec046

SHA512
65825b193637ad36ea700d1cd67f3fe092c4c79a431f2fb3ee0520aa2dbd19bf08c286bc4e0e93623e4f30b0c249fa42ac8a31aed3bbd659b399c5b0ec2eb3f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
3cd4fd46fbe8a3619a34de7bb860a629

SHA1
73fabddb8a5aaae0f474fcbca08404f969ff12ab

SHA256
62ece52776f6ddbb9872f1df82bf96ec046cf5407e9cf6d84f1c04e589c87f84

SHA512
81e0be0698cacecc3c2d39c6cbb24d54c575c8baec3f7e6018328c7d2ba002217d4adb4dcab83292a954159a3cd5ec7dee502b05e1e1260be8ea81085c451ff7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
b3c274f7d6ab2a3d36fe98e2377138d1

SHA1
ce7c0c18259dc743306e9d3ad78ae9d49ac8b010

SHA256
0e325af4d8fbb39fb2bc634b848cb8b7981e0cfec470b32f2376c1c2f206a55d

SHA512
06e0a6cdfd2216a99f943603a77d2a0b653a16617ca64b9e7eca34713681ce8c42b3eecea679e64ec6144ce0fd2965ad58440296fb2a394298b37b6030017f0b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5a11b4.TMP

Filesize
2KB

MD5
1cf439199c3ba052e4c1337217247636

SHA1
b9c1064b3fa50dca61ef5884916ea645eec4d6c8

SHA256
e9f406d12cb173b8a569995282fb030e3a2f96475b42b98403e4fcf3d910a347

SHA512
bea862e176bce1a2d151747c257d90b0a89bfbaba2ac30ce0ef36b6600cc6418623aba96c07f13e0aae4c08886e0101376729bb0e1b907e9af06b3e08245c0ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
22baecdce6a36fa233130f6abd8e817f

SHA1
acdef560b9bd1330a1d2b31a597da4a540972102

SHA256
d3eb6256d76f580aed08b0fb32d0e62a00877013554898acf7de931b87fa973e

SHA512
cee8762f3a1687c6c2c9495303be2403c49b0ae01c9856a9b548392035e1d3662e01b4e7c2489c02cd790a41c2aed9d2c9cd9c7f13141c8532cbc882417fb66b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
b4d947d934b2287e63df931be5b0a327

SHA1
581aaaee84b40824f8ce91c36ff94207b9c59cac

SHA256
18a95d6ccfe60dacaabfad19b9a850b26b489e3b87d187159f81da26164ee66b

SHA512
a2e9820224a704a77003d1e60832beae79c8d9697279af1f0fb6e6c1f0a10cc5c4ae7a33afa712e3187c312d70146848be074203a6880ad45f7ed2fc37c668d2

Download Submit
\??\pipe\LOCAL\crashpad_4448_HOPUUUNIUDRCFDVY

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit