2dda788afde2a1a4b6302472c2ad6c50204e4f50993c8b9caff6ce59688d0bf7

Resubmissions

22/11/2024, 20:10

241122-yxnm7axqfz 3

22/11/2024, 19:59

22/11/2024, 19:32

22/11/2024, 19:31

22/11/2024, 19:28

22/11/2024, 19:26

22/11/2024, 19:22

Analysis

max time kernel
130s
max time network
132s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
22/11/2024, 19:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

19KB
MD5

8f3a29f4188d7415e59533fa5779e425
SHA1

24191eb1caece99e17844b7613bced2be349c06e
SHA256

2dda788afde2a1a4b6302472c2ad6c50204e4f50993c8b9caff6ce59688d0bf7
SHA512

b3c05588f9a014edc10c9534226e784954aff15aee619dc86d3a8d52911f9f45139b759598c721e25d4c838476c4a249e52bc765d79d6b2bc94bc8d049d7774c
SSDEEP

384:e0Whsh1ocy4c4lbGadMvhpNlfWMLJPKlObz6r0sZrfk1xCejiw:2m1ocy4DEaaJpNdWmJXbz6r0sZLexPiw

Score

7^/10

defense_evasion discovery motw phishing

Malware Config

Signatures

Executes dropped EXE 2 IoCs

pid	Process
2372	Setup.exe
5176	nsz4DF9.tmp

Loads dropped DLL 15 IoCs

pid	Process
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
5176	nsz4DF9.tmp
5176	nsz4DF9.tmp
5176	nsz4DF9.tmp
5176	nsz4DF9.tmp

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc
212	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Subvert Trust Controls: Mark-of-the-Web Bypass 1 TTPs 1 IoCs

When files are downloaded from the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier with a specific value known as the MOTW.

defense_evasion

SIP and Trust Provider Hijacking

T1553.003

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Setup.exe:Zone.Identifier	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	nsz4DF9.tmp

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3587106988-279496464-3440778474-1000\{71CB7230-90E2-4635-9A43-92FD04BFEB48}	msedge.exe

NTFS ADS 2 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 942139.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Setup.exe:Zone.Identifier	msedge.exe

Suspicious behavior: EnumeratesProcesses 32 IoCs

pid	Process
4960	msedge.exe
4960	msedge.exe
3464	msedge.exe
3464	msedge.exe
3964	msedge.exe
3964	msedge.exe
464	identity_helper.exe
464	identity_helper.exe
972	msedge.exe
972	msedge.exe
4584	msedge.exe
4584	msedge.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
2372	Setup.exe
1664	msedge.exe
1664	msedge.exe
1664	msedge.exe
1664	msedge.exe
5176	nsz4DF9.tmp
5176	nsz4DF9.tmp
5176	nsz4DF9.tmp
5176	nsz4DF9.tmp
5176	nsz4DF9.tmp
5176	nsz4DF9.tmp

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe
3464	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3464 wrote to memory of 2092	3464	msedge.exe	77
PID 3464 wrote to memory of 2092	3464	msedge.exe	77
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 2004	3464	msedge.exe	78
PID 3464 wrote to memory of 4960	3464	msedge.exe	79
PID 3464 wrote to memory of 4960	3464	msedge.exe	79
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80
PID 3464 wrote to memory of 4464	3464	msedge.exe	80

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Enumerates system info in registry
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff895623cb8,0x7ff895623cc8,0x7ff895623cd8
  2⤵
  PID:2092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1816 /prefetch:2
  2⤵
  PID:2004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2384 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2676 /prefetch:8
  2⤵
  PID:4464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:1016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:4352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4236 /prefetch:1
  2⤵
  PID:3732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4128 /prefetch:1
  2⤵
  PID:4452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
  2⤵
  PID:4956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1
  2⤵
  PID:3264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5188 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3964
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
  2⤵
  PID:964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
  2⤵
  PID:3588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
  2⤵
  PID:1252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
  2⤵
  PID:4880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
  2⤵
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
  2⤵
  PID:4240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:2016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
  2⤵
  PID:856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1988 /prefetch:1
  2⤵
  PID:4568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2544 /prefetch:1
  2⤵
  PID:4032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4220 /prefetch:1
  2⤵
  PID:4148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1964 /prefetch:1
  2⤵
  PID:2644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4820 /prefetch:1
  2⤵
  PID:2888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2580 /prefetch:1
  2⤵
  PID:1728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6308 /prefetch:1
  2⤵
  PID:4156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2552 /prefetch:1
  2⤵
  PID:3280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1
  2⤵
  PID:408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1
  2⤵
  PID:1200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6904 /prefetch:1
  2⤵
  PID:3132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6824 /prefetch:1
  2⤵
  PID:828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6664 /prefetch:1
  2⤵
  PID:248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6920 /prefetch:1
  2⤵
  PID:3532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6952 /prefetch:1
  2⤵
  PID:2816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6272 /prefetch:1
  2⤵
  PID:3732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
  2⤵
  PID:4240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=984 /prefetch:1
  2⤵
  PID:2932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
  2⤵
  PID:1180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7416 /prefetch:1
  2⤵
  PID:2712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7424 /prefetch:1
  2⤵
  PID:2080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7508 /prefetch:1
  2⤵
  PID:3776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8436 /prefetch:1
  2⤵
  PID:1976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8616 /prefetch:1
  2⤵
  PID:3000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8612 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8848 /prefetch:1
  2⤵
  PID:3104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8980 /prefetch:1
  2⤵
  PID:576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8996 /prefetch:1
  2⤵
  PID:1808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9360 /prefetch:1
  2⤵
  PID:5600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8812 /prefetch:1
  2⤵
  PID:5608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9364 /prefetch:1
  2⤵
  PID:5676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7080 /prefetch:1
  2⤵
  PID:5516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
  2⤵
  PID:5536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7908 /prefetch:1
  2⤵
  PID:5596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3692 /prefetch:1
  2⤵
  PID:5712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9052 /prefetch:1
  2⤵
  PID:5856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2552 /prefetch:1
  2⤵
  PID:5992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8512 /prefetch:1
  2⤵
  PID:972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
  2⤵
  PID:4144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7992 /prefetch:1
  2⤵
  PID:5628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8884 /prefetch:1
  2⤵
  PID:5248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7816 /prefetch:1
  2⤵
  PID:5256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8812 /prefetch:1
  2⤵
  PID:5272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8788 /prefetch:1
  2⤵
  PID:5288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8028 /prefetch:1
  2⤵
  PID:4840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8780 /prefetch:1
  2⤵
  PID:3680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8076 /prefetch:1
  2⤵
  PID:5072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9476 /prefetch:1
  2⤵
  PID:5224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4220 /prefetch:1
  2⤵
  PID:5540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3944 /prefetch:1
  2⤵
  PID:3420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9956 /prefetch:1
  2⤵
  PID:2156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
  2⤵
  PID:2948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10188 /prefetch:1
  2⤵
  PID:1480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9892 /prefetch:1
  2⤵
  PID:4940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6280 /prefetch:1
  2⤵
  PID:4864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=9968 /prefetch:8
  2⤵
  PID:1460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=9964 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7240 /prefetch:1
  2⤵
  PID:3480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1968 /prefetch:8
  2⤵
  PID:5588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9332 /prefetch:8
  2⤵
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:4584
- C:\Users\Admin\Downloads\Setup.exe
  "C:\Users\Admin\Downloads\Setup.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: EnumeratesProcesses
  PID:2372
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://pcapp.store/installing.php?guid=605430F4-93CF-4C59-84CD-E6CD51BD2585X&winver=22000&version=fa.1092c&nocache=20241122192409.716&_fcid=1732303429038388
    3⤵
    PID:5860
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff895623cb8,0x7ff895623cc8,0x7ff895623cd8
      4⤵
      PID:2296
- - C:\Users\Admin\AppData\Local\Temp\nsz4DF9.tmp
    "C:\Users\Admin\AppData\Local\Temp\nsz4DF9.tmp" /internal 1732303429038388 /force
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - System Location Discovery: System Language Discovery
    - Suspicious behavior: EnumeratesProcesses
    PID:5176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7008 /prefetch:1
  2⤵
  PID:5444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1836,17075263927452099646,8927837920383081004,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=9720 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1664

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1540

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4756

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

T1553

SIP and Trust Provider Hijacking

T1553.003

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fdee96b970080ef7f5bfa5964075575e

SHA1
2c821998dc2674d291bfa83a4df46814f0c29ab4

SHA256
a241023f360b300e56b2b0e1205b651e1244b222e1f55245ca2d06d3162a62f0

SHA512
20875c3002323f5a9b1b71917d6bd4e4c718c9ca325c90335bd475ddcb25eac94cb3f29795fa6476d6d6e757622b8b0577f008eec2c739c2eec71d2e8b372cff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
46e6ad711a84b5dc7b30b75297d64875

SHA1
8ca343bfab1e2c04e67b9b16b8e06ba463b4f485

SHA256
77b51492a40a511e57e7a7ecf76715a2fd46533c0f0d0d5a758f0224e201c77f

SHA512
8472710b638b0aeee4678f41ed2dff72b39b929b2802716c0c9f96db24c63096b94c9969575e4698f16e412f82668b5c9b5cb747e8a2219429dbb476a31d297e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\0fc85eec-bb46-4e69-816c-fc879b7f25d6.tmp

Filesize
16KB

MD5
ab4a57c602defdaf02991fc680d498ad

SHA1
2d3ffc817386d2a95afd97aecc7e47e3253a4d28

SHA256
55dfa287e918fa87595ceabcf8e47fd09ef354f4df4781c947dfe315ba243b3d

SHA512
64cbd47469a5498126025edae5c448e9c67b1d9f7e0c8a24b171b08eb7f326116bae827d6f12d23a33b44fa6998f099809a2738ecb1f6b77ebe05948f1ec9825

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\9004d798-d808-4ff7-9311-5782608b894e.tmp

Filesize
5KB

MD5
27824f06b65d3afcb8225b27e1d3475d

SHA1
333666cd4bf715ec4ebfb2d85e1d21ed6b2b12d9

SHA256
cc2314eb6e4b33e53af600adc0ed84e0546f1722c1b94d2acdb86802f8196f9c

SHA512
d7e9e6b620ce491f281e8401bcfbfc032044c8cb0d6a5bff0c7fe9514e480c7b691b0a7e96fb2621c4daa74c77c24979302231159dafc998fe92daaf080f0a6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
67KB

MD5
b275fa8d2d2d768231289d114f48e35f

SHA1
bb96003ff86bd9dedbd2976b1916d87ac6402073

SHA256
1b36ed5c122ad5b79b8cc8455e434ce481e2c0faab6a82726910e60807f178a1

SHA512
d28918346e3fda06cd1e1c5c43d81805b66188a83e8ffcab7c8b19fe695c9ca5e05c7b9808599966df3c4cd81e73728189a131789c94df93c5b2500ce8ec8811

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
62KB

MD5
c813a1b87f1651d642cdcad5fca7a7d8

SHA1
0e6628997674a7dfbeb321b59a6e829d0c2f4478

SHA256
df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3

SHA512
af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
63KB

MD5
226541550a51911c375216f718493f65

SHA1
f6e608468401f9384cabdef45ca19e2afacc84bd

SHA256
caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5

SHA512
2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b

Filesize
32KB

MD5
59acc8135a10d7649437812606858070

SHA1
d5537f7916dd2868b13aa865c8ef36422385e879

SHA256
fabc7c85c21a9663074f962100bd58ee0dd40cbe386050da47c412304f8bded8

SHA512
04b34d78d0f3bb340b04231d5e63349b82110a6bc4173e7b9898a60feaafcc7d25b125b156c23f77fa195983f458cdddfb62ddf6b8f1beed9f4878556f1b55fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003c

Filesize
141KB

MD5
32cf78f9a61ee41bd8fb73a5079c9c80

SHA1
d23b7a0d87a9596c48c4a56659514f8f8dc4408a

SHA256
c4f66c03fa86d9c9fdef363019033808201e7cda1c26386b54cd85330c5aa92f

SHA512
9989114eb9fd6bb8a195b917bf654f412b42aa57d71956d12266f209ba7f5b5abc848dae6a05de7744bc6527d3e9ad3e92e691d57710669c4b8e101ab15c1bd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e

Filesize
21KB

MD5
80b08786340f094b83872e902b4eab53

SHA1
25a95a14e677bc1c36648ad1077e3476e879d144

SHA256
45eb3d24cc574deb55bfe1b8c60319d4b60f3d9d37147ccf73ec4371d89484f4

SHA512
486d0ba8d2081781231c8c916d05f7dddc5c05899696a2a5fa67d302a327f161e70d1dfb21f42738cdf327affa905e714baeb66021cb2ecf720ef94668b1cb06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040

Filesize
19KB

MD5
43e938feba1c5d3f13b480e5939831aa

SHA1
41300f992edc0cbcb20669b33253290f9e969aec

SHA256
998e2a9c21058b6d6bf46bc02e77d9261d8c57de10a039d38ea58c9fa00494f3

SHA512
c2760b3b53e783e038749523fe8c2454a50016a74d46856bd2f0fda03051d7668c7b03b58d5d566591eb0433fb5efd1486a32e3b6c19749c84443d80edec5f08

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000041

Filesize
17KB

MD5
9f2385157e4637a0426a9bf25312627a

SHA1
395b7c1428ee59ebd152d6917494ae39edc460ad

SHA256
6b20ede33b01a5b351c42913c5478fd87bda02c26c07782ba22a1112e16b896b

SHA512
e220fc5181801c0f02bfae8784057f0800ff31ff05e1233bea9d6f95f94b501c2f1215e38590bec76ba00d3ddee29ef41158d60d3bca0613dcc73ea7b58c5e4f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042

Filesize
94KB

MD5
4485f67725eae2a8f1bb141f9d2173b9

SHA1
a93ff07fa3246b877201b61134c04096587f381b

SHA256
e9e3e9950b87f85dbbffb2eb1902b0fde94d92660a290ee609e306b68d8f781e

SHA512
9011603b6bfd9c8f8c78cf19b9d18433b71121ba0a4c9d486e67cd3e6826151cf883b15dca282d7aa6e5b9cfc719a66e8ed2db2f0716b37d562740be126c3af4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043

Filesize
103KB

MD5
c12602b8ebdfd5ea5113f42ee978d526

SHA1
1159db5c354e5c9a73b2e072b3c0c5d02f3ff07b

SHA256
412aad14e7b55e51c4c56a88949c8f5ac81e06bd1d9b23da4378b1d9711a0794

SHA512
00ba76a1f0f08c969a96f4418c158d482eba611fa5984cec234ded9c7a1aa2e9e4dc2a69816c2940783289767212ac729cb7b3ae4cd002f772a5dc5d45bce3db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

Filesize
152KB

MD5
4521b6fb0d76ba6fbde6dacf5a6a2a51

SHA1
8ffdc57f21502f0164760f9e2bf4dc10bb3fb43b

SHA256
4f9e8f4c4e21819683335f73bd1e7d2b3afaa30d3449508472294885afe8f0d4

SHA512
13819a3a6357cd44717fe768154f8117115b22043e9ddf024b5b7ebc5ca427d733261e0a0aa0237be54dda49fd3010853b1692dfb74fe42695d201cfddeff552

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045

Filesize
152KB

MD5
5c75a471e458592398b95173d4532b23

SHA1
65f111e8c0708bc96211fbf7878e8ca1a98a5f97

SHA256
7fe2380d0ee378ecd39e6ade15a9776752cadbe5542d524182ed4953f21aba0a

SHA512
8f1dcf6da4f616e6690494c811100afb9335026e5645a01cf1fe1a1d9abad9dfe4d01e42049698a46f42b20262334cf86b6977208f14500916e066f109c145b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000046

Filesize
88KB

MD5
e24b85ec736ed0c5595175daedb98e3a

SHA1
ec0bfd6301929a87f46404c34ff46cc528a2404e

SHA256
a4c7e0e71b67060482649f1883082b1cfb936cbfccdf02dc9081c63c88021f63

SHA512
ca2ccad60ff60e8e3cc11c2ed0c81d0ee0ed9993ea6736e60fb542ca45790760eb6d52e3bf7b54c67525d9134aeee3a1fb54a3e8f0b6b538b6f4ede536405b00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047

Filesize
27KB

MD5
dc654d5da1a531fdb3b1bedb619b0182

SHA1
49d3de45bea7c279cf0ffe4cbc43c24779d1877a

SHA256
b395c195a5854253500b3b210e585ec801a47b49ce7b90fa5a9717df387598fa

SHA512
38952929cbf8e103cad50007cb492c93a7feb8d9d1853773883e2771cc97e50d6a514cb6347c912e7945d126a35677cca854ce8542e2210d7e59799238bae8fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049

Filesize
20KB

MD5
d95d8acc06b1b8ee3b6461b3e03038e0

SHA1
33ee8605380c3598e223e90d0f6b1d77cff99f1c

SHA256
6204dee01c755f688d8bf79cab7ec4767a368f332e5471506556a7915a56becf

SHA512
7feced5181e6e6eb63adffe5929834ba1412806640bc04252bde3c8cdd589e452122e1306af19ec610b0624df7b824764a46beccee0d503260ad6e9f6c93725d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a

Filesize
88KB

MD5
fa6974132aaf54c02e4ed3317c74fe11

SHA1
bf12a5afe648a749e864c397bbf7a68753974999

SHA256
29cf8da6cc4ff1eb1b3dc491967627c08e3c9fd7f419798b7b58ba212b89f4b9

SHA512
a7f8525227fcca2083c2573a30834c28d6aa9f651d0544caa7305561a8fc1e221b413713e1802fcf040635bd3e1c489699a7e84dae4bac2e68b561bc6bf678e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004b

Filesize
84KB

MD5
c3d8ead000a6d7e7ace15fcb9334b8ae

SHA1
1766cca65893e2aef54d0ccccfca993b5eac7ddb

SHA256
8c7bd31fb4a4816cc7a24f6acb6d8791f8fff0ec65c7d3c9d77a1d0b90b6c3b1

SHA512
72eea8ea803f1e72ec63369d3826a70cc6f797b64af155375443d75993b6a31ad1ff637c09ff18915d1d4f9dd1457df3f97f48fb54b6d7c15351c95435e5c122

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c

Filesize
43KB

MD5
49c6c2017aae0313785979c3734c8e4e

SHA1
9b5019fe772209480c613918bf8173dcf245c97f

SHA256
5b5869a12179f7bbd951275b641935a69d6c028b485c2ac12c01fd9bf20fe08c

SHA512
e3a69e015c440752744f0bec7b673192ce3d3a7a801c59da5646ee91c7a2dac2a148f1bb8c79027c44d7d809d414bc0847f452548e870e1f175084eecedbfce1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d

Filesize
28KB

MD5
1b8e5496aca8acfc597832f2aee42ec5

SHA1
9f8308fd46ec50e4de5419428107c5703ad36995

SHA256
7c3b99a73f295ce216cd7d8143af310fe64cd0a6d6f60caaa7c7c4c97442bdad

SHA512
f84492cf9efb9889e3578b0977d494367ca9bc9bddb0aaebdab5285850c59bbe918145abfa16a9725f4f47d5cd7c31dfefe98156e698a4a409288d5ae3e34621

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004e

Filesize
91KB

MD5
fe24b34b0d08655a951ea9e0bf3b0336

SHA1
c7ad6edcb8fea0a21b2a0346345e6b6c1317dfc1

SHA256
6ed491e25ed45dae9c5602b40c67a13bd7b253fe2addfe8893d26f0b46bc2bd6

SHA512
7982896dda7e75e5c6b295e9b6353e0870461cfb1e4f206a6c846cdb503580f66190bb8c9b4272af7573aac481b10099fd53108b8eddbc17bb7857b91c5e0551

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f

Filesize
123KB

MD5
d234d94d8940e8b66b7851f0ef59f679

SHA1
59d68b8e75452db6679f861544413789ba9373dd

SHA256
a1207e917aed03c4654f6f82d327f39f757d30f6ec2f6e6b9413d6a933678035

SHA512
bf8a93e4cb90de2c6a842168ea8791e5cca784f042bed353ab982aaf5a90aad185cea331cd5178d9760edcd0fd561ae58010c7da9e28642af66338e13c90e676

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000052

Filesize
20KB

MD5
01544cec8ea1384b58d63e4c1955b9ea

SHA1
bda9a87449eee2fd053b56a7844e00b1460eea52

SHA256
f4d9c14f01e2caa05f3aee0e1c6b4bd282584365271ae8d484bb9c074e6b039a

SHA512
f45d85a0230e51b1942ffc2e133512b622ce0b07e4687e1227a3fb4feff3d269a75d7253add58b158eb03b88972117a38ed38db5bd225d2dab39255e004c713b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000054

Filesize
62KB

MD5
fdd3922edde39c73dc37b568650e47d2

SHA1
1566ef03ec365d9d7e4ac9fc9cbb4e5609b9b976

SHA256
d464beb2c15b29d24af42a7cf74db9539652dba74de861feb169145b5589a3ad

SHA512
b3c7e48d1bdf62d8436ff428af14155a5c2e834ffec8003e9457fc1458cd77b7474210edbb5f57eb838723844f6139b3c523d3a9d1d4f525aa067bbccb9e146a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055

Filesize
31KB

MD5
a4da976dde535a4f11ff4c9d57a8a56c

SHA1
fc4c29049db6d81135507dc3736cb638340f55aa

SHA256
6b85680498d0061e6b748f0fd9c904c74eb9f265f7d6ff6b33a37a0656164bf9

SHA512
e3db7eb080a2c927ec3a223d16d818cc76f9da51525a91b8eb3cc9e15106e2939ef6d550121b8cdf76d38c001971662d833d70a269ccf35d36278d25cf42aa18

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062

Filesize
67KB

MD5
ce58019b091dbdb1895be63d765b1177

SHA1
37a38458a92835c43b270069c0629c6975b2ba69

SHA256
8defb86fd585d1e578370bac22698f0de49d509d7398a0e83fbae7a9d11e0fcf

SHA512
36be843dd5630cf0c76219459b2ff946fa91ab90be31e3ac62452642a79a062b9d7aaae14a0ad8fd92b1a6d468394f1aa8bfe45f262f33e34048b46e046a1b27

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006b

Filesize
18KB

MD5
8eff0b8045fd1959e117f85654ae7770

SHA1
227fee13ceb7c410b5c0bb8000258b6643cb6255

SHA256
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

SHA512
2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006d

Filesize
18KB

MD5
115c2d84727b41da5e9b4394887a8c40

SHA1
44f495a7f32620e51acca2e78f7e0615cb305781

SHA256
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

SHA512
00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000080

Filesize
215KB

MD5
2be38925751dc3580e84c3af3a87f98d

SHA1
8a390d24e6588bef5da1d3db713784c11ca58921

SHA256
1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b

SHA512
1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009f

Filesize
20KB

MD5
fa4cc25f0f72ac052e9413b46705327a

SHA1
72127f17a73fdeaf1d867ff721f8115e90d82e8b

SHA256
62215bb3463a1bdbeab484739c056495d60f9e6feab8e3974cde6bf69504f05e

SHA512
b33ebe5aad7802e7aadf31bc490bb697a7a941c4ec9a03c211b42bf54403f05dba02fdbe42bd7c28a27e309c868f4d74c060840a4aefdff57ac9c5c2cb66921c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a4

Filesize
20KB

MD5
b2442bdbe1833cafcea521d6c61ebfe2

SHA1
1a4efcc6c95879a3dca4b977eeada5a87a070ff4

SHA256
3253fade0ab13b0b93dd0163d0809c7ac0c0ec7b6b7a0ed2916f763636cd77cb

SHA512
a4a5881ed0bc829583a9f914708e9e8b61793aa0f895eba7617f796dff16cc46702a27385a341da6428707d7fbb37534b969e843fe508c3ba948677c04e52a70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\118c7f3c9055a906_0

Filesize
22KB

MD5
13afcde21e53ba195c5ea4e45d078276

SHA1
f106e86c964a7a9805b6c586f8b4edbc16d28d9f

SHA256
a067051e4a71c13e8aa9e403c9803a5ed3f97903a1bb54eb5660edb39810caa8

SHA512
6fe9c2088862dc63e059652cbf626147bd45311b1ed968f9c903d4423a06a4f5bd1edbdc0da1970f9b55bfc6a96294cedcc8916ff0469beba6a4ae342cd862c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2452536b75924538_0

Filesize
14KB

MD5
7844f4aec41e45fa6a4b6b9e4794c0f6

SHA1
fded809e8bbc43d4ee643206efdeaf4a450a6898

SHA256
831f795393d58edcb59b760e2a43ddfccd3efbc820d662df7bd57d737158e0fc

SHA512
c9d8ca98b842c94ab52b6f7fd7808c6a0a9940653188c46cd08cc0f935a3b8a1d4ef67ca06f0e33736e9f9e9b9f9a5d4fb5114846707fd467aeca02d4a45f713

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9ca3ef7f97f6e118_0

Filesize
267B

MD5
5a91e8a2533c0dc0934a2b9d4b0c06a4

SHA1
dd667b1023db98d7268929caa79d7507aceb9b79

SHA256
e67e7255df8764753f64d67fb377c4799fec7f14b56690b1dc0b18c53120425a

SHA512
5fc25fbe15c3c6a6e51f32d8f77825180cc766bf57f668197412b3cab322154f27f06ab4d55a461efda395fc5f972c7abd0a2da5fefc72ee519d2960f6665ff2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a7d34ec8127df99a_0

Filesize
160KB

MD5
8faf65d73fbc893ea05f7f867bb691ba

SHA1
2fc5784132d30b635ba8c319d882d7c345d64847

SHA256
bc69ab408dd3dabdd85812d310edd02fec49f8bdcb43a5d0ba3f2ba7f2880d2d

SHA512
9304eab4b74515c0378e1e81a0d23c3b24999d9db0de6e50080f9aa8122ae126d0a09f50f6ba7538b7f7f38f137973725c21b77806023de18d73c439772cda82

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aee119e38fe9c500_0

Filesize
345KB

MD5
a06c3ad5c6ae28d97f9d9201a119229e

SHA1
7615f6fbc65c1d893f99799d088189b17dacbf76

SHA256
1cab1330cbe0e4ec869254e896dccc0a9abbddf0fe6bad14119c151dfdf09cc2

SHA512
24beb2cf0a5e6a73551988e33865d78a4ef02c591dcbc5288e8f110eef4d7ddf3b366f5a55002603016d3c89477218f6810bdafdce1692657cf5043ba3e05b96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dccc6e10ef775901_0

Filesize
277B

MD5
4d7928e11527a3dfe0c37116d49f083c

SHA1
5c9826b2b8e13b78bd16c7a484f8285497cf6cdf

SHA256
e5b044e738a416665d7e00ca826a0392bf20fd67d90db2018ab9905bc118820b

SHA512
bd97cb1e8f9442570514c41d476ecf8427935a51f2694dad9a3d869dab288e6c8f90d02aabad03b24264266b91e2b5adc3ac195e501f0369b0647e6ef323d356

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\efb2cfabf9bde180_0

Filesize
55KB

MD5
a506fa9fab550f9494ba0e550686e38c

SHA1
60fd2fb119a86061bf5e0606c9f9489cb13dae8d

SHA256
05c14b1330e873b02423c9a915c4f380b7cf084fb737fc05a6def2ac0ff6c59b

SHA512
a4aa56aaf08cccf8a2ff86b2bdeaa645975c9ebf8799bfa03a1c600e786e87e35371efbf2d11c04d89eb3a983d2aaa8391e983d0ac63f15e5620fed28016886f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
c4a35c9891976dffd289738c67b4b6cc

SHA1
dc32ac7a2d52be2c234773c4bc5dca6141bc5aca

SHA256
2d44478b9b3861f93801b7e02922509b39d8a9d1100635cff135a3e40a165778

SHA512
0a66d3bd833121ee7f184573c52904b85ee72389e3480ed1dc469e8926213abda5db7158c4b7b8c433627f7e2320bb77ad8d15228160a87da35b15ecab6e1f6c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
14KB

MD5
0a40b27b21d2d8ecbfc778052daca611

SHA1
3cb3a5074b77e82176c4a54b8f84c6eb64790949

SHA256
ccde6eb9518da6749062f7df168085ea0a9a111b62f93a152fb84471520bab89

SHA512
a2490bcfdf13cb13ef2a559e3dc9508a2f8bf53a97ef00a771e2ab07355602d51edd5d78ee6f3934ab5dfcd3a8048881de5ab3326536599f9a35ca4f68700bb8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
b333f4f3cc367f0e8588fdd87c1998c6

SHA1
1e43d10b737a2bc452990745defb092f744c51de

SHA256
bdc31e9460db3e02b8f23f00d0e0a53dcefe7f288993bc18d0f666a88827f6be

SHA512
291c6eb33c13cc9588d6cbd3a0e6ed63ce2627c76942b57b795fe3f19d74d589132acbf4719462464ef1568e4f16ff0fead7740dfb4630679306f499d9c94fdc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
d1d38ae54bf59a1c2beb313ea8f007f8

SHA1
7178df19829c375ccce6169647b1d559b40139ad

SHA256
406fbf66d2d8f6119c2ddceb7381b94010312e97fdb28839e4b5f3ad520dc707

SHA512
6635c3dbbba6e34f143be643033fbd6ee65525e9c8082948a9790c817d29c5d955ebb42a1c07895b510628123c57d746d5573e891e74035a34ce3b63ad02db0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4c6b04b27fc0d8bd84b570add4df973b

SHA1
faefbf066c11d6882ff265006a4aba5570b8b9b5

SHA256
e8bc618937fe8195aff0c9b71b3fe9b5ac7fa39e4311a72cbd48c022cbc6326f

SHA512
1784064f97868341e36a5c16ead3133d63baea0c9b27a3d727196182b298402c75bdea4d2ccce0456ec84b61455ebff9e425edafcb5267ecd6a395efcaddde7a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
c35ea49500b8ef9ee3c232c36098cbf2

SHA1
b3496c4e2e93ed775c076750ed0171f9998c589a

SHA256
c1ed8106a3a9ecc2dbeeb2993af517273721f41904f54e0da1ba20609b293df8

SHA512
f60a17d2975c85ccff5d76ffba4ecc98ae78dc0cd182cd012857d8215200d4cfdb170e31498d4000877d3217aa05f925977800ac904578425a6817ace1355864

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f8df0abcebc695c9c36184150364fc48

SHA1
f18e712609d19c0839af96d3d0c8b9012891907e

SHA256
0fc2cf45a891c2f621db13a094a0edae070652d9555c19742f6d931d0a20351b

SHA512
121259140ef319ed36a7477f2ca90ad2b1efca591fda844b9f56891d11e19fb8ff599fc6c154674f7903adda4699df1594cb0450304c8d6ca6436b952a5ca5ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
15e5ee10073d270515415ad317583047

SHA1
8a3b5585016665b46ec8acb39109c1cb6984c0be

SHA256
c7659ffe682d4bbe4bd1ddeb96e2e0c67f95d4c0f4934e9efe031fa80d4f1a21

SHA512
e35cb1f8b0e89639854eea17a74117073dc1b21c048b74bf043406465bcb501a17663a5a86dd27dba94d9d377b311e2f13d0b64d4bd5c807344d456e8c358a92

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
db1dd7aa9a849affedf4e8ae67bd76c5

SHA1
c382965b3d5d662d4a39381e00d16728912f5c66

SHA256
2fe662b24993f64c9dbadce376a766df244e3a1aab11b50e5d5727882485463b

SHA512
d2ea4e0ffd253d2a5c7a38d31280e3de0177be1f3d0b07b5e23939c7d2b7b9ef1e3796dd211da4b884c8faf6088f84d319cd5ed50ad73d95c503112dbae09d5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
31898140c3c91462040eace7e1d8342d

SHA1
a711bc910817aa938e8a901ae21c2f5dae2a8a3f

SHA256
82dcbf111b41c0bd21c37174f2aaf03b932be8299c5cd7ff288a1d2fb49af667

SHA512
f35444deb2f46cc4198005feade829c1239962487bd43d46cc94f178c40a889898648f0b4706073bbd2d84ea5ab98b284b9e8a1fcef64c1a301ab6a6fa3076a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
4074a464db6fa0c561ce6e2e36873844

SHA1
28a9c93d32c9cc71bb5d9e28f35f0fce74fb9b5c

SHA256
e4279c470dcbed8a741bcb616197afb121e6590cd2cec3664060dfb626954aa0

SHA512
5cebd22886840f8714ed923eb909ea603885c00ca240bf7e99dc6546a55f7eaf27fad95e936371d6199a6a377626a25b6c53c01e64a95221e8ca92cbc5abfe56

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c22fb33e3f68ed2b11e5aa4824aaf4a2

SHA1
6febb702b5f09d6d379dab757778a3fa40253098

SHA256
b1c9da9b17a6a327a9dbe7df925d03e994b6f31268a38349906e26616a2f2d9d

SHA512
9b3fc399394be8d5d180a1556ad49f1c60af2b765dda94b4c7913f88b9ce5474abf7aeca9238651dc750da7dc4d39758946580194b860a03c5c6b6679e7f5f67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
30dea406e69da96ef806417637d00677

SHA1
5312b056b1976f79cc849837edef0b4dc84ace48

SHA256
faba5fc544fd2e38453f9ddc810e46ecdc5c623df6dfb677fbc1c2e5b30c8080

SHA512
660745a7d027b501a0602fc0de53d9b69d01835fc74fbdd0d12f60ec5fd3d9c457e13007b83e603b92bec89e3ed60007af2e7233bf8ad216898742c68a4b10ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe590f77.TMP

Filesize
48B

MD5
34544086c22682c81691a1141b4b1cd1

SHA1
f6953d4941b88d4c42c1d4e4553bccda6f744c41

SHA256
19a2234bf4d4a72197f6619e326799a7e2223b7cc19fc147155c4ccc36a62d75

SHA512
9d201fd021f9b5d24b7c891328d2683d802ba036e8ba4218dee0bc0cf87ed64a10e8d00b6f906f42a363b41a0e2a6e623d5cc01e8ea72ee3377924bc85236292

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
7145c45e2eb414bfb62ef39476c9046f

SHA1
f831bf10eb357a1c8b595c71026d7704ae360b9b

SHA256
492fe7f21c18c05077340812c7ae984c373e07c8172133391f6f01c29a97ca3d

SHA512
b005466a95f3f7bf8fd95870bf8ea684115c599abc75f73a5f6e21911e435b6f9182f6406aee9fb24398a9f65b997f99489159406239a8b1a1c9c148294d7f77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
94cb341a3d230a460360fafed417d91a

SHA1
f24d0c825b3b1ed4d76d3305b5b72a0f8c7aa448

SHA256
f5b267cbe57669d1c9278be94b0d02556b175d00a91e88fc7dfd7dd9f14f1e72

SHA512
c1a7521feae32b882176d3bdeb2d653b9fe50f9f426d8762d33490df5827fef8ce8c2fa0a27c98f12016c507011d0cde7cbb25fcc9eed3107ad7f960c9b95dbd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
e0427a625e0a9497922e9469f40cbf66

SHA1
6a2ce2a71e04f04119a7840211dcfdcc00edee2f

SHA256
bba9a8c52f96a9cf3c8632b40aa32b6c4b1f79b564c5bf18df91ff9d38dbffcb

SHA512
fe7c6c6924dce04c47c3b328970c3d383e74be4989e7dba64da0de67296c18d27128d3dad3c2668eaddd869e57d2ea9d52b2eebfe159a8db71617ba90c30f132

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
71742d8e02ebc5b7f682e15688abe0e5

SHA1
b4fb17ce08a6df1b621ace59164667ed42dcc340

SHA256
073f9d94353ff04fd0341f0a329023820cc308b15c61ebaf3a90a412226e1570

SHA512
52a1278bca15271bed827a8883bd1c98de39c68d4c6537ca2eac0f24cc1beab2989666462370189203c9a4f78555e49d8c2f0dbf1f68dabe65095092d10d2a58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
e25280b25817e3e3851add4cd624956d

SHA1
d796cfe6015dfd6291f10123df1d3bdf8f16ce7a

SHA256
fe88ca9dfe28459bd3da9dc82805211d5366be02158da9263d77ab2db4305f10

SHA512
c2f52a8cb5abb79dc30b9d09203840c6849175bf2811c6b79b1449e6e9cee4505b6e7ffe1dfb4dfac16c7737554398e7467f407e79c8a73f20eea26569639330

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
1bf9637501cf17c0b2da241da6685cee

SHA1
45ec2127ef5dbe3dbfaa775e027b206544d85ca9

SHA256
5de2373ff7200346a0a103adde890b44bf344e262a9110be65621473662e8bbc

SHA512
ea68d5e08b804f58dc9d0350f11d0e74e098cc5d1291022345b3b55ee51c63e95a315dbb11fae086e16357b658dfe3ae9ae12c9fdc27f5bb5a8b9380e88466d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe585416.TMP

Filesize
1KB

MD5
8aaafe480508577030552428627dd5dd

SHA1
8519e9d29e6b7f2683ae474803395d03f6785428

SHA256
1bd12c87a4eec34c3f4baf04a373d9c190d814c565c1a622b4d9407d0736175a

SHA512
d1541c93a00acaac1e93b4cd258bb510cc3d42b9df92ccc606612082f4afb31c3cced39cfae6c79e9192c3829b4812ba25866c796c1ef63ec6b659b34080faa3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
edb3697a36f4c038ffa33ef7d5ad0753

SHA1
e49f37b71de8ea9505be0c9e0a1669025cf1a36e

SHA256
8b98157974835c0e2caf3498be0d23d48033cc4785484bcdf0c56f57881c8db8

SHA512
81a01c6b036eae1acf92cde54fee041dac81d03d9104c104b6983c82ac80f6449935f857aee6479bd376ca3b45ac3c7e9551fb71ad166e872d5bded1043038b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
620ce6a75db1193d713fab38016cd541

SHA1
e74d7475d611c6805881b3dd6dd651752a13524a

SHA256
14b88c1f9b09b12591f1f7dc153def2f7f5b8fd1c002108378f7a45a93dea6d8

SHA512
25cafe94ab162acfae46ed9512900e85750dfc10c84d6fd222af6a3fbe7105f8d175803d4f05099d87701fea845b52187d0fc0cfaa7430361b0ae06f2e1308fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsb39C4.tmp\NSISFastLib.dll

Filesize
137KB

MD5
9c7a4d75f08d40ad6f5250df6739c1b8

SHA1
793749511c61b00a793d0aea487e366256dd1b95

SHA256
6eb17c527c9e7f7fea1fdb2ea152e957b50a56796e53ce1e5946b165b82deaef

SHA512
e85235307b85ffd3aab76ff6290bee0b3b9fd74c61a812b5355fe7b854d4c6b77bd521e52638d28e249a43d9ec7aa6f2670af2b1c671091492c7fe19d6f9a4e6

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsb39C4.tmp\System.dll

Filesize
12KB

MD5
cff85c549d536f651d4fb8387f1976f2

SHA1
d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

SHA256
8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

SHA512
531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsb39C4.tmp\inetc.dll

Filesize
38KB

MD5
a35cdc9cf1d17216c0ab8c5282488ead

SHA1
ed8e8091a924343ad8791d85e2733c14839f0d36

SHA256
a793929232afb78b1c5b2f45d82094098bcf01523159fad1032147d8d5f9c4df

SHA512
0f15b00d0bf2aabd194302e599d69962147b4b3ef99e5a5f8d5797a7a56fd75dd9db0a667cfba9c758e6f0dab9ced126a9b43948935fe37fc31d96278a842bdf

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsb39C4.tmp\nsDialogs.dll

Filesize
9KB

MD5
6c3f8c94d0727894d706940a8a980543

SHA1
0d1bcad901be377f38d579aafc0c41c0ef8dcefd

SHA256
56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2

SHA512
2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsb39C4.tmp\nsJSON.dll

Filesize
23KB

MD5
f4d89d9a2a3e2f164aea3e93864905c9

SHA1
4d4e05ee5e4e77a0631a3dd064c171ba2e227d4a

SHA256
64b3efdf3de54e338d4db96b549a7bdb7237bb88a82a0a63aef570327a78a6fb

SHA512
dbda3fe7ca22c23d2d0f2a5d9d415a96112e2965081582c7a42c139a55c5d861a27f0bd919504de4f82c59cf7d1b97f95ed5a55e87d574635afdb7eb2d8cadf2

Download Submit