hxxp://google[.]com

Analysis

max time kernel
1069s
max time network
513s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
22-11-2024 19:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://google.com

Score

8^/10

steam discovery phishing

Malware Config

Signatures

Downloads MZ/PE file
Detected potential entity reuse from brand STEAM.
phishing steam

Drops file in Windows directory 2 IoCs

Processes:

chrome.exechrome.exe

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

NSIS installer 2 IoCs

installer

Processes:

resource	yara_rule
behavioral1/files/0x001900000002ae42-2681.dat	nsis_installer_1
behavioral1/files/0x001900000002ae42-2681.dat	nsis_installer_2

Enumerates system info in registry 2 TTPs 15 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedge.exechrome.exemsedge.exemsedge.exechrome.exe

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

Processes:

chrome.exechrome.exe

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133767773625611751"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

Processes:

MiniSearchHost.exe

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1537126222-899333903-2037027349-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe

NTFS ADS 1 IoCs

Processes:

msedge.exe

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 293224.crdownload:SmartScreen	msedge.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

Processes:

vlc.exe

pid	Process
1636	vlc.exe

Suspicious behavior: EnumeratesProcesses 33 IoCs

Processes:

chrome.exechrome.exechrome.exemsedge.exemsedge.exemsedge.exeidentity_helper.exemsedge.exemsedge.exemsedge.exeidentity_helper.exemsedge.exemsedge.exeidentity_helper.exemsedge.exe

pid	Process
2876	chrome.exe
2876	chrome.exe
2468	chrome.exe
2468	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
952	msedge.exe
952	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
4160	msedge.exe
4160	msedge.exe
3284	identity_helper.exe
3284	identity_helper.exe
3920	msedge.exe
3920	msedge.exe
3144	msedge.exe
3144	msedge.exe
2172	msedge.exe
2172	msedge.exe
2768	identity_helper.exe
2768	identity_helper.exe
2208	msedge.exe
2208	msedge.exe
1604	msedge.exe
1604	msedge.exe
908	identity_helper.exe
908	identity_helper.exe
3708	msedge.exe
3708	msedge.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

vlc.exe

pid	Process
1636	vlc.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

Processes:

chrome.exechrome.exemsedge.exemsedge.exemsedge.exe

pid	Process
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exechrome.exe

description	pid	Process
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2876	chrome.exe
Token: SeCreatePagefilePrivilege	2876	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

Processes:

chrome.exechrome.exe

pid	Process
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe

Suspicious use of SendNotifyMessage 63 IoCs

Processes:

chrome.exechrome.exemsedge.exevlc.exemsedge.exemsedge.exe

pid	Process
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2876	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
3536	msedge.exe
1636	vlc.exe
1636	vlc.exe
1636	vlc.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
3144	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe
2208	msedge.exe

Suspicious use of SetWindowsHookEx 2 IoCs

Processes:

vlc.exeMiniSearchHost.exe

pid	Process
1636	vlc.exe
3624	MiniSearchHost.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	Process	procid_target
PID 2876 wrote to memory of 1600	2876	chrome.exe	79
PID 2876 wrote to memory of 1600	2876	chrome.exe	79
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 4552	2876	chrome.exe	80
PID 2876 wrote to memory of 2836	2876	chrome.exe	81
PID 2876 wrote to memory of 2836	2876	chrome.exe	81
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82
PID 2876 wrote to memory of 1992	2876	chrome.exe	82

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaf998cc40,0x7ffaf998cc4c,0x7ffaf998cc58
  2⤵
  PID:1600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1804,i,11735505135498703116,7782824452062632364,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1800 /prefetch:2
  2⤵
  PID:4552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2068,i,11735505135498703116,7782824452062632364,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2092 /prefetch:3
  2⤵
  PID:2836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2176,i,11735505135498703116,7782824452062632364,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2368 /prefetch:8
  2⤵
  PID:1992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3016,i,11735505135498703116,7782824452062632364,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3024 /prefetch:1
  2⤵
  PID:3704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3032,i,11735505135498703116,7782824452062632364,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3132 /prefetch:1
  2⤵
  PID:3800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4292,i,11735505135498703116,7782824452062632364,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4264 /prefetch:1
  2⤵
  PID:1764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3332,i,11735505135498703116,7782824452062632364,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4724 /prefetch:8
  2⤵
  PID:5084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4988,i,11735505135498703116,7782824452062632364,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4956 /prefetch:1
  2⤵
  PID:2004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3400,i,11735505135498703116,7782824452062632364,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3404 /prefetch:1
  2⤵
  PID:2964

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3456

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2260

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaf998cc40,0x7ffaf998cc4c,0x7ffaf998cc58
  2⤵
  PID:784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1940,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1936 /prefetch:2
  2⤵
  PID:4728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1728,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1984 /prefetch:3
  2⤵
  PID:3484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2216,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1712 /prefetch:8
  2⤵
  PID:1196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3012,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1912 /prefetch:1
  2⤵
  PID:3576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3020,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3124 /prefetch:1
  2⤵
  PID:912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4328,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4384 /prefetch:1
  2⤵
  PID:5032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4724,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4716 /prefetch:8
  2⤵
  PID:1868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4720,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4932 /prefetch:8
  2⤵
  PID:3100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5056,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4960 /prefetch:1
  2⤵
  PID:2848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4924,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:1708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4240,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3064 /prefetch:8
  2⤵
  PID:1376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4252,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4936 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4856,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4516 /prefetch:1
  2⤵
  PID:1676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5416,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5432 /prefetch:8
  2⤵
  PID:3316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5412,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5456 /prefetch:8
  2⤵
  PID:3588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3284,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3708 /prefetch:1
  2⤵
  PID:3176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5564,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5424 /prefetch:1
  2⤵
  PID:2008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=1432,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3352 /prefetch:1
  2⤵
  PID:640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5636,i,1104439610903993597,12941926437548371990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5172 /prefetch:1
  2⤵
  PID:4824

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1536

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D0 0x00000000000004C8
1⤵
PID:1040

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:3136

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of SendNotifyMessage
PID:3536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffaf8f63cb8,0x7ffaf8f63cc8,0x7ffaf8f63cd8
  2⤵
  PID:1992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
  2⤵
  PID:2300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2664 /prefetch:8
  2⤵
  PID:2116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:4008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:2784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4928 /prefetch:1
  2⤵
  PID:3344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
  2⤵
  PID:2004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4688 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4160
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3368 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
  2⤵
  PID:1580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1
  2⤵
  PID:556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:1952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:1996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
  2⤵
  PID:4684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
  2⤵
  PID:4944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
  2⤵
  PID:3992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
  2⤵
  PID:1620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5364 /prefetch:8
  2⤵
  PID:2760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6072 /prefetch:8
  2⤵
  PID:1236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6224 /prefetch:1
  2⤵
  PID:3956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6296 /prefetch:1
  2⤵
  PID:2856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1
  2⤵
  PID:4688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1
  2⤵
  PID:3740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:1
  2⤵
  PID:3384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1788,3085862506661666610,2522910888152375451,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6452 /prefetch:1
  2⤵
  PID:3520

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3828

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4344

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:1636

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3624

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of SendNotifyMessage
PID:3144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffaf8f63cb8,0x7ffaf8f63cc8,0x7ffaf8f63cd8
  2⤵
  PID:2296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1876 /prefetch:2
  2⤵
  PID:3000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2376 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2648 /prefetch:8
  2⤵
  PID:4268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
  2⤵
  PID:3376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2332 /prefetch:1
  2⤵
  PID:488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3720 /prefetch:1
  2⤵
  PID:4820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3588 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2172
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5352 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
  2⤵
  PID:4720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3600 /prefetch:1
  2⤵
  PID:1660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:1
  2⤵
  PID:3128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3128 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
  2⤵
  PID:4064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
  2⤵
  PID:4076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4340 /prefetch:1
  2⤵
  PID:1552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1
  2⤵
  PID:4820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5892 /prefetch:1
  2⤵
  PID:2340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6216 /prefetch:8
  2⤵
  PID:3440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
  2⤵
  PID:3168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1
  2⤵
  PID:2936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1
  2⤵
  PID:3196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1
  2⤵
  PID:3040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1
  2⤵
  PID:2752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1
  2⤵
  PID:2996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6764 /prefetch:1
  2⤵
  PID:1752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1832 /prefetch:1
  2⤵
  PID:2240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4156 /prefetch:1
  2⤵
  PID:2708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6732 /prefetch:1
  2⤵
  PID:2788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1956 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1
  2⤵
  PID:2820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7212 /prefetch:1
  2⤵
  PID:4856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,6585287771898103975,7320689370224379597,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7280 /prefetch:1
  2⤵
  PID:4496

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4792

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:812

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of SendNotifyMessage
PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffaf8f63cb8,0x7ffaf8f63cc8,0x7ffaf8f63cd8
  2⤵
  PID:876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1900 /prefetch:2
  2⤵
  PID:3116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2536 /prefetch:8
  2⤵
  PID:4672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:4396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
  2⤵
  PID:1484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4876 /prefetch:1
  2⤵
  PID:2096
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3572 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5304 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4232 /prefetch:1
  2⤵
  PID:4996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4252 /prefetch:1
  2⤵
  PID:32
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4372 /prefetch:1
  2⤵
  PID:2100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:1
  2⤵
  PID:1204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
  2⤵
  PID:2240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
  2⤵
  PID:1928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,10782013058186430243,6674916857024816976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
  2⤵
  PID:2260

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3476

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2072

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
e91ee655fc370fc76cae70be75eb4da7

SHA1
b1c2a36a252373b78768ff0b8c7c414975f8230d

SHA256
2119db0210675f0217218459520534d0442fb93f8d2ad66ba4b20c8d2a430ac2

SHA512
6295ce62fc97be1ee529b0c4dde9d8b806e7972d89378d527740c3865bae85e089883634ad2c3a72b0f0c63f0a0758645733e9e8d9092fb87bd7cc3e95d6c7f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
3c9a983e3aeda9316691c35ebad3faeb

SHA1
0e2afdf98938e9c57dac5e9f97ee386281bf581f

SHA256
6fb22cea514bc085a056dd1e95c3f8afef33f39202ffa8528ced11c05cd6de95

SHA512
56f26a44c6173105a8652d4a3586f72c80172b68dd762f353e6b5cdf757d7856737bc6166cd9c6a18df324cc50c36b668b3160e7e75d988fda082c7ef41efa57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
4ebcab0d29634d68db6e1d052ba829fa

SHA1
20974153e6643f530b39b46786455213ebfa3405

SHA256
1c7487c712cbd3c52733f0762ae42765adc39ef4c39fdfa2d48dcb6730675721

SHA512
54f1b9a7d2f7237854a86188cc4c98dce211c4a882a4bc62fecbe397a29ccfcc621956d5305608d2888fc2fb409531a90457d4b73b2b364a82185d65d5942448

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
f7eaae93db0ed666c18aeb348b4c3342

SHA1
8773935e89f71c3405ea7af99b88b62bb99e604b

SHA256
02fb4fc1464b00210ee9a5f097b18373a5a9622a2a009cef2e372260487d6898

SHA512
fb479c0ff354123485c30615a004211134ea16134471c18f5407f7e9eb851352de796115134190f994e86f0b135470c36359f1223281796090ddf650463d685c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
0c91db6214f5ecf8315eb8602ae41c64

SHA1
16f959dc12b3c9852bc72fff9ee74c7d674d23e4

SHA256
435bd888d4776201552bdea304d975022cb88afcc14545003409a18ccd7f70f1

SHA512
47113c84479db4b6702bf71436502e3476855b7bcbba1d4ec6c3a1e33efde3a4b94d556d955bff29fb3e0f56eb2bf92cc6f6b04a69d19c5c37c867efe55e89e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
d65d89743db068962ef2f2b1f60b7fb6

SHA1
1c81c7108ef77229f6087eda9898061554283710

SHA256
03e8ffb9e87d9ed935b93bb991a72defc6a78ba1354718c49ab9585ba6cbfe8a

SHA512
6f4f815706a6252f5d42c58f1233692f5c18168c2ecb022742287e2cb92e3eb3580b419a2f587f7ed7e0a6dcdf8174d21757983f22be406c0a22bd47ce7fc55d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
215KB

MD5
2be38925751dc3580e84c3af3a87f98d

SHA1
8a390d24e6588bef5da1d3db713784c11ca58921

SHA256
1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b

SHA512
1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
41KB

MD5
e319c7af7370ac080fbc66374603ed3a

SHA1
4f0cd3c48c2e82a167384d967c210bdacc6904f9

SHA256
5ad4c276af3ac5349ee9280f8a8144a30d33217542e065864c8b424a08365132

SHA512
4681a68a428e15d09010e2b2edba61e22808da1b77856f3ff842ebd022a1b801dfbb7cbb2eb8c1b6c39ae397d20892a3b7af054650f2899d0d16fc12d3d1a011

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
45KB

MD5
57e917ab880fffda506e92ed0360366f

SHA1
f7cfd5f3bcc4ec46c44b564033ef94fafb9b63c2

SHA256
2b8d26e21b11adce0ad436a46b9ad0649fb9f4dcc778a6cf9dcda62a6d52b40d

SHA512
3690c3c165efa40f83b7551d766809298dc3fa91684329a5348b99775c30d843f82756cad4c21c489eda2973b8f8a30a38d2449113aec8c823584f4d4882d6f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
48KB

MD5
0bd721e891b1bd4b45d97dcb0007428c

SHA1
8d6ae2a4e2ecf0972fda7171556c0de78856ea4b

SHA256
8e77c14d10517ebea66c039e4c6a89d47f444b1c5dd56d28c0c5836af8740659

SHA512
21ee0abf26f6d0ecc4396ba022c50aecf2124bce795e74a119066958ace29d0672dbc79b2ea2f8c504d46a76974a6594d32ecc49d25d71ae470ef1bfca69594a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
38KB

MD5
872ada548d0054a789e970a75c465ddd

SHA1
c26e639c8154618e6aa5b1a90ead5885d7fe64d7

SHA256
71f44846c6dd8f92a0f31d9609d66c4412f4b7d19ef9f41229934a300c623437

SHA512
89ca049efd626e6497624b6dee05b3d62cae84d131004b7c179f867c05d02a53c753f1d2102a40259b3ae5b809659080979f0bb7a93bfc8a2270c8e446d80786

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
19KB

MD5
8f661b8c2dc08d06a2992b1006fbf95d

SHA1
51f7614ee218ca027670a3bb0d7cfe1f23869602

SHA256
8bb39a6f700638d352b26ee0cb86fe5fd1127397dbc18d50a5bf37eb9ef6519a

SHA512
80789cf71769f1c03910535c610c942aa4be684433bcdff360ba309a6c15b3878920a49d1d1303c322de64f200b8e5d316b428b66668d51f9ddffaac0aa5f80f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
24KB

MD5
944531387ce01bdf7ad736937b9b13b6

SHA1
df6268ebe74638714887588a1f43506b915e717b

SHA256
d6c997210287cecf290cc7c5cc99c13a46d874786d1747cace5f00713069e2a7

SHA512
25cbff327f7af6013476a5453847a5f0a4354a8efe773a4f7f8e29c4b8c12ba8105ed344109cf0a83ee6fe986468c2318b212d2eddc1dc2a6fb4ad9c7f9fc4c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

Filesize
78KB

MD5
461beecf2cdd605bfe7a10cf2434ded0

SHA1
d1a2e42c618ca974066ddf690ee4a74d6a38c996

SHA256
2d57531d1b8a3320bc97d35aac13a6dfc57913140fa4ec7ad2a5eb6a5b46ee3e

SHA512
9c0ff8e61583960b8fed525e7c45d9041c0dc9ff64687031915d7621aea1535bbb0e72185aa817de7bb390e9a2814697d87f3d743603a730431a05915a0ad35a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

Filesize
17KB

MD5
a421438ebae11fcb4808982f78536c8e

SHA1
cb3287d6dc2557343cc2e4723f6bb5e5534ab075

SHA256
8d40f05f3d7b0c08cc959534185a4ec52963c06322e7c31dbf90266d9a0c6bfc

SHA512
5f6e88895377f671f867464313290d9cea0ccf4377ed74153c3fa745456ac35f9686fcf0a2e9643316c60f5bb677dfabe1ff408a56318c48e0f7853954abfe1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000038

Filesize
22KB

MD5
9d53309ac2415ed6efe77b43a5a2b2b6

SHA1
31d26e32f551242c037116da7fe1f039bd1c4b41

SHA256
31e667f7d809056c4199b4204f46dbc6cd118a97530308229bbb9d450c42f89f

SHA512
25510c4cd3ac3388a1c91b5011e12a34c409f272d8f7fbec1a89cbff45f2553f7061c1f63d1a2c06f8773b885bcabd9c96501434b8905778132fffef80989476

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039

Filesize
167KB

MD5
fb17bae56d4d325248b2cc887983ddc2

SHA1
448667c9ea5b7e91fef7f4978f805bd5162e24a7

SHA256
4f9f9529e93974afdf3314247d05dd48f67b8b23c47dc3dd917de4588fb7dedb

SHA512
d45e6ebf258ec61319bd9ad80527379fee8d4c86a2ce56d40206394cafb04ec2d89369f2b0ef049ebfcb231738a60d0b01fbb12f39a22155b38a239445195297

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a

Filesize
66KB

MD5
b317b014831e624c006d2739537fef53

SHA1
a2e5dec00bc5777ac88413f505bc6e451c485a15

SHA256
08e6e0f758627a8afc5a15b65c519a0f16fde33062f653b09cd60956db9f0586

SHA512
303a14d20f926ec5e32c2d8be824b9d8888bbc005a0cec4a801a54278205e5cf10788507ea494378ae59e900f666b3cb15fdccbc57129505cec79aba5f6af0fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003b

Filesize
214KB

MD5
6cc6bc427be061f1caa060361711b55d

SHA1
3ea49aefe2ce2763697b02ef1c67e10d7ac7db87

SHA256
37b59ebfc924c927c32f4f1c9907053e831a934dca8f6d52d6666b09469854c2

SHA512
ab471d890275fa63affdecbdc19a6177bcfa49b898bf1418701f629fef0b7913abe9c7490c00bb2e35bfe5b1bed3be8626252d30d0ef5e98c11bdffd93c5724f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000be

Filesize
202KB

MD5
9901c48297a339c554e405b4fefe7407

SHA1
5182e80bd6d4bb6bb1b7f0752849fe09e4aa330e

SHA256
9a5974509d9692162d491cf45136f072c54ddc650b201336818c76a9f257d4d2

SHA512
b68ef68c4dcc31716ce25d486617f6ef929ddbb8f7030dd4838320e2803dd6dd1c83966b3484d2986b19f3bd866484c5a432f4f6533bb3e72f5c7457a9bb9742

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
2KB

MD5
9005e671608adb4796d15626c6a5c901

SHA1
b5aa832773268738b2c3aa4c94b379ab4ae6bf6e

SHA256
b0ab69174d581be2e5db59eeea2d2336e65b15987a01111c6aeb81cf9ebd90ec

SHA512
76b485da6fd00be608bcc5d6621d5f20378610041fd679473ac3342741c376630363ae115931ba0bea6b9706f9d99cfbbcd6067c55a466a2e2d04ca8319b6cdd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
28972ffa435beb77ee6e6ed3a52ec29e

SHA1
6a873484e5494cf5fff35e69a84ceb2f4336c3bf

SHA256
591b38f699f8dd2ecca36ae23f27043b293541f4ba4e575432346601f4bd85c1

SHA512
d0d0ef95073643e0cb1bc343c57194a86da00d3c262b98ffd745886af70d32979393938354cc868f845ccf9308f9093f71515ce8f2fb5d6590c8ef888c0cb050

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
23c46a075cbc4cd4037cfa468fddbf31

SHA1
a0ec8d67316b8020d21559e831ded01cf71e50fc

SHA256
c609f724f374748760e569a65edf570f811ebe34ba00ea4943dc5135c84eedfe

SHA512
b63b423e76639e7455304e86673fc4e25d0b144d477a601925c611197cc26a156400ee1b8b92f941b5d2464b07f94dd15d10f158b3528e8c71dddb89a8503987

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
4d762a44eadd620e714fa0b80035dda5

SHA1
3de96434c449e06ccfafe159f3c940493486da6d

SHA256
8e3981f3bfeb50ce634e01f68afc5127ed47f70ab2a2d72484512d330cdff312

SHA512
0d1ea6f5175e591be67f5cdd73e4ce20a0b9b4b147e28837cde27a38b89ba2ea183aa4a320be48c73084e1a7aced3694acf1a8d3978169bca6619e8f0fcb1013

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
f7360fa83fb499813e9883b257c92398

SHA1
b831172ca843dc53eeb80f443aa36d2619a38e55

SHA256
45d80057153ac626b621b05cdca701187d107876b2e59b14839091ae690e8554

SHA512
acd6e537fa5506088792cd97efe3d1b0c1207552a330740c0c6fc10f136246b42ec84fa1eade18f7f40a642bb64a178249347d97304c539cd6261972d3d5bd4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
317B

MD5
73d468da97e2b1b3d010929c77489a79

SHA1
3c0ecb2accd77742b3601fe2d0037dfefc865f54

SHA256
b7d6df3d51549c057eb86435ebc4f110e9d2645c999c4c513fa84a3bae882a67

SHA512
51274224a6dbab7c6fbf32bc7463dfd3899d32ab613c02276f30941ef9e81772846dbbf6ec0954782e1a89477ec91057fd86d8cd9cdad6a3e22da7dec22dc8cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
20KB

MD5
fae42b76b0ab0613fe72a25e431db786

SHA1
0b81c580a90f3a48eee7aff679b56741418550cc

SHA256
58903b8b050297a9628ff9695aad47a6fea466bbb0abae4088e035b058e03bf9

SHA512
a28a2a2931e02a5c748f8d1c996d8b157ebbb0a6f6b8af561ed867ead1438374bfbb23f3b595116026e677a96304402eee4fa71ff0ddd7aee05ea3048b205af2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0

Filesize
44KB

MD5
c5b19ee9e2a200c28f829cf396eadad8

SHA1
6e5c6bd0c81da73ffcbbad76318fd87ffb469734

SHA256
6eb3f3c98147442a715e9da8bba46b1c3dfd93edc0697f3b14e7d3b0912ec39a

SHA512
7c9090203bd123f36d4ff043765ba59f33e5ce21439b7525d07a53314092a213875c9fa9716261748a741f8316acc3c2b878c89e74a906854a1d9bffd371ee1e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
9c4bea061f4bf8540a1cd69dc55dce02

SHA1
150ac98ee58838ec56caf0511fef8badf7e5e2e0

SHA256
279fa8e069a285533cbb70ff591559b2af2ad56c5b59ca276e91af453467bd97

SHA512
70b1b4881456368a3518b834de9967767ef652c2c4c336d3f29409aaf1fbd8b8627a52ed84a5d72509901dc5efb9f2f18c04ec826e40035e7e093d1429b5a415

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2

Filesize
1.0MB

MD5
8fd23c004ee4a62e4ded9143c738c572

SHA1
be0a6690f23f0f1ac9b0a4ae40a41d73859bd5fe

SHA256
db087f2ddfeaf3c949bfd4b55c0ac952a720fdae31993a3cd98cf4909037c50b

SHA512
dc776bd739d0575c569ae948d3b773d51c7dd90e1fb6d14384a378ca1d620fc915148c7d43471498e40e18c313bca0e0004235ab74c493d3fc3842c92dc43672

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_3

Filesize
4.0MB

MD5
531ea7411a87779daa7ac8d46254044a

SHA1
4c9c7c8697052b9b9b7733bfa7ef29dc31dd115e

SHA256
49fbded09bb17b04609f3fc6c52830ecf498c01c153bde69e9f77f05ef000d00

SHA512
28ab058de51beac28e146da540e84ebadbb989e3ca2f36438fcfa19e91f886bcbf75284c3728e8340d88c2cb1f0846adf4136f3a33c1619d7f5a8232995af365

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
160KB

MD5
2e7523b73a190ea109f6e565ef7b805b

SHA1
e1daea6d7722704f68d049aa56c883579eb8b57a

SHA256
1d41857c1db6c7140ae6007599059c18a3395b0f33d6b9e3b9c6e2c062aeb3bf

SHA512
48f1995384fa1e6c4ad0e729668e7a6adc3d70dd7d4ca2bcf967edc40b757aacd1652b657df5a501e244b2a5f320d8313ef1cf42db35ac84cb8d3c36dc9d7719

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log

Filesize
338B

MD5
554fd676149939435058f37add971879

SHA1
fb8875d56335688fe7a7c6241d23cae61e5952a0

SHA256
d76695dd68fd14a12059850548509ddb9503870ac85014dd00fc7fb239398e08

SHA512
ecc4b16967671ca827febaa5adc43c5fadb7488d54c40c54893eb90a3172d32c7a532717853811e3b92dc7eac6917e1672ad7aa051a25e78f89b84349507d108

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
329B

MD5
1b9d038621fde81636464af79cc6f902

SHA1
5a91b5ce3ccb7b775ff0a441e48ff770ecc05069

SHA256
e373f9b27f22b454d365f40fae299b1c6a2fe70cca939ea1460233460babe312

SHA512
3ddf8c898c29dc09f739b5846cd00246400bd0b646b92a02172ce0c47b3566345adc93df6cd260eb5b657229feadf2e94cd389cbcefd6ad0d9686804009a388c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\9ca83586-d068-4a48-a5e4-bdac9532d3a4.tmp

Filesize
692B

MD5
b80f9897074c28b58fac15d7d799fb02

SHA1
00376fee20734532a04d89f57dca00d5fe02672a

SHA256
ae21dc007d9f20b3a1ffce0af61c912ade340685193a8a48e85a54c294ca8e58

SHA512
883e23734e61d5628c457c931e7e27b17e4222f011df78648d85864ffda509fe0e3e5d8a2659327f201fe9878d3305c79e55071b90c2d29faa4c3357d52cd19c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
20KB

MD5
57fea6df18480744b49a73fe9d3d9365

SHA1
747404db6270a58d3be84da9456cc2f532d006f5

SHA256
cd444381432ad305da3b06310615e13312d9e98623d0a6927f0406ce438f2262

SHA512
108d17601d0d754ff785d8d1653600f3e29589168d87845e08bc59a2bb48756d4f91adfb2b56a70efaacb8241a6bceaccbc0a502656be4c7a09d68b5a2b819d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
9a889ecf9654f6fe411f9acc9d1e354a

SHA1
79abef5955af54d3450663c9a439eb92d6accfe6

SHA256
ef0d101fe110f44a83f62426bceea54d58f24a4dffe63742024a3756ccf50c67

SHA512
bf8df73adf1ee2d0822f45a18374976db489081e73312b60de5c428586263d4eb99654528bdf322d2955625aa97c086afa476097df1e1720336ca99678a9f365

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
ef61fbdb76fe710b95270324e5be4e55

SHA1
324a615098ae6d672412186182dc07e0757cad0e

SHA256
82503cabe32fc916def9537f939512b63d3b061d8edbb9204e1f6fae19a1005c

SHA512
25f7bc86ff6376c7707e8e7aeff015fc2abb537e7ec06e29c2210f48ce5f2a38c6de044244b96205f9643bff2556625b49fc45fef84806853bd45749cddc1c29

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
3230c9dc14a4973c2e52aec7ba91e815

SHA1
c3c052bca691922f9b243d5ea95cb3b403b55140

SHA256
97916319c96b3994da362df31b4606a7910a15df1fee2e34a746e0d99a41e0a1

SHA512
cd1c40dd3037c65caf3d48d234360edcbdaa6c5cf9f024433f15fbbfde3a0dcfce42848dddedbaee3dd0c7ab774f178985956ffb596a3c83e8fd1dcad116ad62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
5ad78d92e7be3c1f1a08a020ffd581a2

SHA1
d8e73e66ab7f3edb330a1389be9d8562b7aaf445

SHA256
e06ea63bd350b61ba75b951498e8468be7d44ab9cd5738f1274b1718094869cb

SHA512
1ff6dc7aa56b38c49dbedbb2b4dba5d7685f5324a243fe1c7967b7615979bcca629f3a96bf3e71e83cdefb0ca880868599ba3251ff0ade3761e3b0821258c62b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
51d991eda6f2c2537ca45b28e1239d66

SHA1
4ad6c7561debb86d07da3ee5e8dd901008c8bf1c

SHA256
c6927cf9d2629ef46112d147d6d3c8810556b8b8d0db579e4061c5bcc6a04c45

SHA512
d0cd7c44499d9e84acedad0ccbfc5e1c95e0e671de42e502865e52313e9b3d8deb398e94ce4142ba43c88b1ff1bed4de2a6c5c9a28659c1084a23c9bea413163

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
692B

MD5
0c221c932de666b189b81b38f8317f44

SHA1
c412c1441d88ed019d66f8fc870d45e9fa6e7182

SHA256
e07fac47859d27246c26d7282760e8bb66daa4ab2d5cdfffa98de8a61d60d83a

SHA512
e571292d9e26a55d093695ba98d2e6fd1382f3557b0b4a394081c464fa6da413e9e42653778ef435eaf03ad40cb19907eb3fe08a3930cda3daf2c26602593358

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
692B

MD5
da3721ea963714b69358bac4058279de

SHA1
51ebc3c3a84771120733dea1c04724e852508a37

SHA256
b5adbca8ffc661162467e65e83b8148819c0c4d4ea468d3aa097d7affcf992fe

SHA512
5b21db988faf582092126d19c08fe0834f8dcb1bd0093eeaf67d72809e134394a532ddfb51442e925285c2a7922b919cd0cf6c52ffb8745b2d9fd6c660b43ee1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
692B

MD5
055172e83ffd85015e6796bbab523602

SHA1
3dfa103932f8f28ea57cb97619a76f29e5140383

SHA256
76faea178ca37b0acdd7e941e0ca1667306a6d652241c1d08c057117edac6b62

SHA512
4a4f7c44e3373a38f8961a5e776ded4ff54aadbc38f0a3881d8ceb1c6c89dd2c09ea0ef8fea9fc94d2f6a9f4d2ea3c52f5b173bf005c17e0b938c064f9d69d45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
ab4d615fe441a341d098e1d7ad2f67b7

SHA1
f702d4393215b4bcf34fe2f5c82219ae07ef35e9

SHA256
f9d9cc7b02a6a381589a95c1583898e80f83c68aa5e22e142a36e4b016fb958f

SHA512
69d96cf60acce2bb16e0d8121f62707c59737ea7ff3115d1262b202e23b66b9ae004b750378d77e0fbcc2697254f3d6d29a29991809e75808ce8ec4f7f1c2603

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
6759e08c2d63eb30ccf8cf6d0a25cdf9

SHA1
bf51bee0110687bbba254c1c6a1a437db2daf9ef

SHA256
048c9dc33192ddd2bc9e9958fcc007d2f03f1fb43700301610cdb26f1d22a8cc

SHA512
b16cd96d8618f84cb5111279bc2e5c54749a6b278d538c6cc50573417d51eaa4efbaa3332a11b02fffe711de9fd275a26956607fac697ae982b6848cf30febf8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
b69f5a4e5daa4c191baa09acd2dcde69

SHA1
c163c32fcb71dc012c7d1b3b8d8d677ce4ec13df

SHA256
2947a82b525daea79db33b74b1b7c88f5d33de04a81bc81035068c38515e14e9

SHA512
82362165d7bd8ea965038f803a63a3b20df06ca776b6e7588ff2e5e0f9358bf4ce251c5cf1a0d85bfa01568c276072a09d1ab178f7773beed599b1b338e0b4f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
692B

MD5
5eea2e0f0260d1b52c1ed11b5479b134

SHA1
369ad8357ef027814a7651602d8f4d32e159381b

SHA256
bff86130d52c6f28e2c99abae5c4352b1358f2e084d29b8999efb011980e3228

SHA512
b89886d62e890ad857c812b30ad5bfc54f2f4daacc888d83c8f0df62e8bfacc41a9290b7dd6fab9c7de9fe7bd751c89a2e13d551dd2dc414fd299567824fca50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
577561f03c3528c3500cfc80119c8611

SHA1
33c0a77bc703b07c50d8ae55c4036b0a4bdda955

SHA256
5dc10bdf333640af6a7188b3ec0c1cb72da99636b7f395625b34ee318a26cfe8

SHA512
13edcf87d25fa06d4cd91e137bb67f8618ee9bc354e8edee1933009b30ea10d6c583083b83feb8a539f37367e53de6af9bb0d7d805794a70b94a766d902dbc38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
bb554eeabe44dc0de3835a672d4f7f32

SHA1
d5e37e19dc5861d00b1286ac620608f665d8fddd

SHA256
c4befa30dd9e9d7354dc084739b578bd1efc7c5ad3200f51e02d1bda212b5b1b

SHA512
12ebb52bbb49eb49c3c5e747794618b6ae7c84542a200fa54919842fd4e4c1e44b07f510746d021d112597e9ff85b19f12f09a9ac9677ab8460c036b317f3cd5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
e3a95cda740d4686bd891b2eb2276fe5

SHA1
42946c5a91c97e73c86612272f5f3515cba2ab51

SHA256
a7e72a01c7bd853f8bc7a9423e58e38e74bceb558cbc9834f69346b9a45165db

SHA512
fea8abb64eb311460eb20e1abb712466908c53088e5bbe5fe0ad5598c23d378c5c1f56143d64f15a0d301842a6a13e298fdb3c50166fae4b6dbe222d91f38460

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
c69d44a3866e29f32a2bad6e87f751b8

SHA1
1dcfd317a78e0036a16c70c88d5df2495ae4f76f

SHA256
cf72be00387408d7a89110e57110d06f73757fba129d3fac7573633ffafd47a2

SHA512
b38c4ee68fca03cf16902aeb07360f885dca1c899ecb1ab580b8da85d375ee587d6ab8e497d39cd3c8ec93c5719958a82a3072bc6ac5fcbb7a4873e37f2bb51b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
20e38da3bef1d14d1c8ab065b2276736

SHA1
1208cfcbcb4a98fd2fba8edec4a018ef6b12abba

SHA256
4fcea72bea210af3360ad7228c7f208d8a0f9bed2a02f77ffc33b0abe45653f4

SHA512
badb650e1158bb32de1dfd6f8e722ef3f259d8e58120f22686e73cf676d12e297a287d93b48d52c81338ad6f245851132906c2e60ff29ce7ffac7592de4f7d17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
401b3a8f841b1769a5a1d498e90e9498

SHA1
7d0c04c2698bee92ef5f755740367bfa62857ffb

SHA256
7436930c4d042b207750c4f879d7ec2a99e1cadc74b4c0d3af6465ee05d209c5

SHA512
42c725d84ed45e7d417e95601328117c16158039753ec988c05bf0c26f873148b3809e5adfe67fd692bcb178b2c030324f7c34c909d5b3b834e335ca7bf23821

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
456e8eab651d131dbe3918ba91c25d44

SHA1
c024f021e210875252dfdfa4eaed3e05795cf634

SHA256
b162a55be8cee1f59340a9c253d594bbe7504ab9999441643d5384fec131be8a

SHA512
baacbd63f0239f2ed5b82022656f77269276b62f9ff55f915b8d89f33bb29e6bbf3f63e886dae8613f795e6fb72b5bcf14c06a10d59c19cf8afe257a3626e486

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
0e2cc0326698134a1b467aa478aefd50

SHA1
76335b8ad5e3b5ac6d23b11e27f42b206265bff1

SHA256
ba8f503d591a204a451c3dc43023d92c957a0adda83ac0f9fa994c818971bff9

SHA512
c9e9fa0c487ff112d9ba43274b3e603b52100cbc1f24a2b63134b1b590f190879deb58199208a5aada1ebc090fa6228a3688cb8dc2b59a4c4d95c1ede67eb62a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
970677fc69110dcf68a56969ec1b8bc8

SHA1
7629e13a5c88a84ad08aeede3b1edda426a81114

SHA256
fcc9712403b0ee8cf693699db8fe9802c71ec7708b73224373334bf95f09d840

SHA512
accb4df89441c3c39e3334e3694e999bb3389b8fe1cf237cda318fb9756e599fba1bcee1832d5e8f451c4ddd8ce3df4d03c95cfcaaa5bb306c5ba54c2db18bc8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
82059953494a0faf4a48ab399860df9c

SHA1
667237667ef9e92b4a4403e0337500e2ec0016b0

SHA256
239145b48cc6a7d7f42c80c42a86c8ab462114d80292465bd8bcc120e97d2146

SHA512
b95f5959c4835902275bcb9b5e65fa3067cf42caef5f1c5c9ec689c925288c1ebbcdd354f06d136a42269b1e8f44b6339a6546e2e9fa9ffddadd23aa72096874

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bbf26d80f0e64a3768b7d6329cfc348d

SHA1
f6dee31b7ce31378d1942ebc8a0778fbbf731532

SHA256
70bd24b496045782d31be5b43ab97d95514699acaab27396758fe3a1a198555c

SHA512
bfe906c9d2f8b64dec4a50e050e44ae948d26bacb1c8d0cf5aef9012c5d6fabad0a1d59e50bf763c7f05b6414f1b09b48854bd22516a592095d47fdc0144ebd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
dfee7770f04950e798b3a2ede8261f64

SHA1
de785e0ed14af67594321b7b14fd50af1ff6f719

SHA256
21ae2b26ed39befc67d72806c5d440ba5ae6516f40e08d578338810a7b1f5954

SHA512
44e186b4d431b9e66cffe7ec5e058b65ffb47d307a8a574305ec0c8ededc4974b7d3c07770e4fe268e36b08d2d9dab996ecc51b002354e0dbbb38a95f02b50f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1145e4d401662ee4080637acc7a99ad3

SHA1
ac4b3464dea7e15fa32776611d1dc628879912b1

SHA256
626d1fbb54a1899611470d6030346ca7f0d720f4045a163786440b9a5119325c

SHA512
afe57eca20c744094a4bb39b7038b81f5fc3a80fe685be07bb5ec844829e9a6800a1274dc31a624d20635a8b2ff2282a8879f79e2215cf8aed394fd01dd47f19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
8e43284df73a05dd54e4614098bac203

SHA1
79356554c387be646c14264629d16a2ae3954b47

SHA256
9423adf72864acdaa2b3b139d959d72f7f622b51e48e7db544b75bdb33dad2c3

SHA512
33223b9adf24bfff731a1a78fa286db2b603dd39683bf68caba336366b6328fe806dda8cfc89c61dffb661882c3b7cdae7892c7a668b12e8a1804e1426f0dde6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c3f66b12c849db7d334e43d01976a084

SHA1
5efdc96574b22e747c07432e7fbdf21f2d0c5074

SHA256
f34f879a0130b504a3f5f26c15cddd0f5a9e63ffe6ed368754df8d1e06e315fb

SHA512
3338630383cdfcded5e02710b775fbf3686af6240c0565a1f1e104516239f6657030a8a09ee90be3f62552698ae1a109f386f2b6e2b30f189a94b961c60f3900

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f9bc53eecb82eb35b0bf6a8a861bbe45

SHA1
bde610bfce35ec154ed2fcec5139557a08e7fd30

SHA256
bc723ccea218db2336b63b4cbe7a73ec57d7a83fa0cf9a2bff69823408308f59

SHA512
6da937dc6cdd6d56195d54255ba4bcc925d0765177377f50d36d3779b1cd5fbd2a243d902d411af8e2230321015bd3719d170033150daca5c89481f79a8c40e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1bd220be68fe82e8c94960652cfe3918

SHA1
4bcb837192af3604a850309c186428503a4aeb35

SHA256
15cd38f42fc6700a67d761a19776b0c22a2d0fd663daca1810eadfb4ae26a747

SHA512
03f7bc471f804fc9e4f9541273cdcb5b53d1e57c4cb42818885500dda72acbbcdd0f191a379f32ea2141c43af530881cbf212c49075752c30a9ed7ae60c60411

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
ac081da75e3efef0caea6da7f020887f

SHA1
fbaaf29f6d3fd29c68d4c16fcee4be84803febc7

SHA256
6f031c2e3cf619e437f2f1e06745a0e666c1a1c1dd0f0c0e6f65f27ae3a8bf47

SHA512
3466d08d72f07e225a733ea0f3ef1b6fc30016cabac160495bed3abae9b2529cc221dde3157492a241fe012e390bd5a3df8d7cec338ddf28a77e84b4c6a678cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
a0882d83e0d9fad7d48dc3d6dd3e0a12

SHA1
7b5b40ab0074c65ee7ddbc996847e303fdfab165

SHA256
81a460a93150d478c177860ddbcffac6f45e81e04c4ac672bbab21c4ae6585dc

SHA512
1464dc36bf511296065424a65004e6b283beaf39718706c9766f931c5ad9c095e1c23ced952dd6ef6468114e0cbb5a87632d6e9211de75a1dc2694234570e0bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

Filesize
333B

MD5
902a29af8e92270f26ea5ae76664a2f1

SHA1
9477c63818ad5a7c26b76a50cec682eacd23c72b

SHA256
5bcf79568adbd86f6a053cdfeef31830c8e8a2e1fe738341a179d75278daefb8

SHA512
678e45487323b2e95cd0a1132bc9e46ba94ddf1e6b3d09c5a39120abc8bc9bf5ca89ef294464c3ee7178904b86212ac77416fec007669e94e1f8d8ce8bffa721

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
317B

MD5
8e4745aae0e685e89b39eb632446652b

SHA1
eeae69b8ec1a241f43ac8004c5709a09530fd962

SHA256
c12816b5003a01586efa4f0e677f6cf35b272fe277355502854127c1c177e97a

SHA512
27224d08facce33e77a5b5ea9a4c03cad78968a3f00675d03bcff083ac4a6514201cfa83f1419ca2f5b516077dc5fe09402a7775c400bfda787426548fce28e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13376777385044891

Filesize
3KB

MD5
7e914f9a62656f91eebbbdc7a47dd684

SHA1
9bf24e314e13e46bee1068f7bfbcd09c2124c626

SHA256
71345c8dbe3637dd3e0be9e9a8d50b066da276986d0e456c13de266de2a6740a

SHA512
4f625dfea9a4a0c3ea91025ff56da87a85553e1386723af936e0c17b30b69b22ec45eea5582fa32a6ed35a5135668145450874e1cd5d398a5a6bb2ee46a7b719

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

Filesize
112B

MD5
89e101fa3a70e403a8f9d841dd37b1e4

SHA1
609aa16c5b1f38bc42f3d8d2c4c6b733f0e62df7

SHA256
8d913479712df544e193d07954e001fe41e643672ed6db19880ee697733e56dc

SHA512
1ac79f8af42c091a847fe8cd5c2780b819b3d9ba2494df9cb03b5a1062bbcf8d25fdc920ab722ea167ece2ec7a882762d675df3d600d4594220a67b781748c3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
345B

MD5
525c6ac27f71dbeeab325efb3102d62f

SHA1
f3f7dae7fdce57c8d63051eeb1eca95d84df7815

SHA256
86e104169de034d64eefe23a95350fafc3f58ce1aa5ad444e5314c32569a97c4

SHA512
fb609ab33c1ace64468c86e064476f577111f6d142fa3b61bfc22f95d75c7254c20dca4a08da03c8291a766721e73099c9b6e7a0c4182115a6d4e3605238d8c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
1ae058875cb2bba0d7a3b5febf316fac

SHA1
b76da422104bc7abf2bde06550c070841e333c84

SHA256
0ba4304e4488853ff3293f8ad845159279af8781a949c80e302b4e8ea97068f2

SHA512
6e1b9646ca9943eaab39353a51f3fbdd5fb3c87cc125e4d4fd18c8df44e8c94115f34a7814dc23ebc32a631c827ee6f1dececeef0109291f0afbe0b0b5a6a90a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
1b4fe7a0a6b3129832298f143a0df3a4

SHA1
b9daeb71ffdb15de04d9fda80436596a77f0a74b

SHA256
9d275a157590af2bda06919f9ba4650f7f1a7dca9a17ef28b7bbaff676e4940a

SHA512
9f152270e17bb5861f1243ad1553e006877ba11749e37c89c5d542bf0eea986c59e0de4afa3179400b35bc9229480eb3c1fa7a39173cd4c7612f401adbdef481

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager

Filesize
40KB

MD5
797b416c9bea16dc9c1f0ec208dcd0b2

SHA1
96ccf8a071c27dc3cb9a9a84e2a943c1b95c5529

SHA256
86a34dff7bcb3a0e8866c91eba118ae66b97f8c0a6d2a233931c32b5385b28d7

SHA512
d3d7b82df3eab2166f4f9765cdb3ef64ed828c29272ea1507f4a700b904bb43115c51c6e1ae3d94986207e7f0da347e4c4654c3be73e750523016ea1e2860d53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager-journal

Filesize
8KB

MD5
ec0c35a054bb325142c21775cf1e8b39

SHA1
e5ce0e3412e12bbe51f6dc93ee63b94b9292a9bd

SHA256
2be0bd39efb8ec696e8f1ab98425d8ba814d0b0d5d4af9a76ee0ce0985a9b37e

SHA512
e45bb643401726fb6d93b72f31431f698cdfc387b43b3119f49c502d490af9aee84ed0ae6723bc4a4d7de2cb1069e1314850c4704e40d181e9da25c47a8d005c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

Filesize
18KB

MD5
078176012af57dbf0016901c1503a540

SHA1
e2fdb000bfd7b09da84d6d010b7b304793f4e9fa

SHA256
07add267cc3fdee9d121b1899fd92326b5de0ff9bef5961b0ab29d5c0d86e1c8

SHA512
8c9977de51cb9ba201ec01e6bb3da4fe6d3a3f5001082fe0dea4d263535908dac5f10915b40ebf9116495b20ff4eafe6183745874230d74b9294b44f9aa568be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
320B

MD5
60cd843c2ef680cbb8c393d012ff6dae

SHA1
efa30f9c3bd8f220bc0cf82cbf65ab2b170fb5a5

SHA256
dd7683cb2319f5ba1b483df2388f05312d6624457f004af9ea26ca0a8287cc87

SHA512
89996590e02063db243d3d7c3756fba42295cc397943c7754f5cd418396232b4d5e42a8472ba92c80d198b662c7a935d3cb9f28c98ad6a227a788d9f3528e33a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
1KB

MD5
87e150ac07b8c2151e038afacfce0d3c

SHA1
5033fd042296cf1c3e6e40a39ba34355858cbe82

SHA256
da491fafbf84f8b2e7552459a8da2f392effda03ff28442efb6418691017d87b

SHA512
406ff08e06776a0a217b868aaa0ed53b931a20cb75ac5286189ec9ce066f8e46092f9e6f906aff6184b6975f267d57c55f919396dee632bf88f131a66439d28e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
338B

MD5
97789d84cf13ccf357827b83bc328269

SHA1
7ea3eb44442b67dd4b56109580d7df53428092ec

SHA256
facfa0de2fe0c771213a319397446b0f090eebef358fafc2fe7d19ed231324e3

SHA512
5c16df7eda3c60e5651c1d62df0d83be4560ca1da6f08d1417f188085ab84b850b70bb424c5bcbeaae01203045d14f1fdcd496699e33f2cb1e192fa0a18d0754

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

Filesize
44KB

MD5
9fe38c2563eff64f476d1c27eb52e584

SHA1
7c357c9e521cbb6a4170a83bd0e12823d8784b57

SHA256
2ff672c939be29397c0ccb14981d400a96f3732cfa8c629c3933887d4ef66cdc

SHA512
b38dd182a811e64b4b60fc8b06acc2648144c55ba5ac9360ab3d6231230d698cf5dc620560ebfc2020a13097401933dac34aa83cafb95f063c65c10a7f71a6ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
dd15228c99483e2d3f98d292e7cd2345

SHA1
cbb70f9a8f53222b1f36e184867b90400bcb436c

SHA256
d5eccefd77ceb6629d4159c95092f90e5a6728eacecd95aa3e9b26d56d9891c2

SHA512
d378a5d54c1714c95491adeaa251d0a796e3b98435d4208152fb555e266e8af17471b7347bdb7aed2874080fbe8d986195d84546f2fc8490a99235f374196300

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

Filesize
4.0MB

MD5
702c07dd695eb03aaeabee170bc7935c

SHA1
0fad4679855e571359a746cfc1ee9c1c19be5f10

SHA256
94e86073e42101a0371b0681b910f4e1d111170bca05adc2792ef524c07e6e13

SHA512
bdb97957fcfb13dca9b78e9fa1e144478ff2b2d511fe23e9c0c040e1236a8c1d45577b692c5d387e67ee7ab4bde306398a72246eca16861a5c1052b96e116080

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000001

Filesize
16KB

MD5
135df6b9085d28e17da051c9cacd8189

SHA1
f71607131cc18a15f626ea92f5e8b1bef402beb3

SHA256
fd294581677aa870cf564b2a76cfb0c54dfe43fc2a0a0dac1d03aca583ed31c9

SHA512
41a1e6c55cf3c2adf2c440fae699a66530a084bb2f7a31756dea68373cfdd1e68d42a626e6d2cd00e9e7c5cf3c58ff074f284d8d07e23db5b910a934a320f515

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
ef48733031b712ca7027624fff3ab208

SHA1
da4f3812e6afc4b90d2185f4709dfbb6b47714fa

SHA256
c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99

SHA512
ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
5b5bc0328931475d8f4607b192c5df77

SHA1
f2b59e6ca5a053d979026e92f41b33425d4f7318

SHA256
eed03d977099c00bdc0210200eebd03703324b038126000b3ff389710480ddd6

SHA512
205a71c4314c81e7dc3c0496dd3f0ac00d1a993f9e1ebb104e0764d57c4453641f1a010626166ffa056cfc04e1551219d7deaf45e1d691f3a395ca39b5df31a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
1c76e95c339a36c7aa04832843c3ec13

SHA1
bd9012ea83168c8426efbb45a5eb5cd6b726fb26

SHA256
7e7935c1426e1490082039c1b973d57a449279f6ab61d86097c2b09d7dec9751

SHA512
ed4cf6984078caaa980529b721d63891c217837fdf9aed1fc77431cd0bdffb7ffc15697999be287b69d19443900312a4ab755488a7ded27078e3ce46174c6fa6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
71003e7750b7700e7b9d4d666c053674

SHA1
96de5a8896e59050dc3e9881d88179191283fcb2

SHA256
40554f488f4ebfefbeef202d380f66523c8c81329f0cb3ee6b43ad4775dbfbdd

SHA512
5ef3950286f02530d8626992ac0efda383b6e0466b9b88d88b38cec3b78913bfac9401e05cc253d3c53c5e042636fcf31cd37a0a02612160f053fcdbbdd72a64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
af1f8716727a577497892b475cca47c0

SHA1
62daa092e679f87b9339fcf88f7d4f6f7413cd0d

SHA256
ccfa51c203eaffd78ae2508788045ba751e018aa62fa050175b8c31cb3a37954

SHA512
ac186b3cb9e0b4c82a417e05427e3687a1da37804a9ea7333b7343308d7c8afe540c42bfb5bd2fe79a27b886b55cca45b327557adbdfa54e10486aa769a3d5e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
92658df46199108fc4a7d381cadc4a1d

SHA1
31acd818a2a182736af64762955a90ffdebc505c

SHA256
666452f54b816e68674900d5bff14e34d29cae436e91d63340c0a17c42fff937

SHA512
650abd03ff89c7df599a28e1fc802831974437b2761a80616b2c208d3b52df72546e40d05f68d3c2f1dead5c2c773a67539c72253e7ee9dfc3ab16fb4f7d8482

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
b43d2e98ad8bd06ce2ac24d474bf7014

SHA1
37227adc9cde219aa4e9ac9d417065223cb186b3

SHA256
0e9423944b138fb1b9fc5628c236d17af488064928eace0ee8479c6c87ea27c1

SHA512
bac3ae382f178351bf6ffc6c798b17192e6cca0bc8bb54c1ce5b3b58ff5fc787c2ecbad4c2a7abb1748656d3fb40864fa39bed2c566af88dffd11b0becde33a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
1d34319a0832ea553e7d069cb16123f1

SHA1
fdfce7b030cdf7212cd0005d539de81a8fd8be22

SHA256
70bdfbdee018b5b5a0fab7b3d2d15dd3cccdfdc8cd400bdeadb1be7688c42a93

SHA512
a8180e6ebbe0850e6095c986df7e8e6c17b73aba26224fb91cb2b22bb9405e1dc06355918e21a2096b8b8ecf887084a84153627289a858850dae5d54ab01ebc2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
6846b15f7d6c8f4bb2ccd6c43ce3e740

SHA1
52ce1a3cafaece889c608289b6a7da330511ebda

SHA256
0c8c2dc98b318547237abf3b68b6c8fc944b2cec6b5071a62dabef484f74cc64

SHA512
c5a248d6cdd3bdc7c96838d6b560fa9c65dde3f42b30de2e141436f41fcd82783d32f0fd8995173ff006d9f6dc60e80de1bc29b309f362011a40a32b8a1e3352

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

Filesize
28KB

MD5
1af73c72c88c34dfa3826e95ba540212

SHA1
0e306cb33318c96c55132f1c64c2d99c4432ee14

SHA256
6ac56f097981e1e5a3a5fd243ca73022d45bb17d075dd76519526cc4cbd84d2c

SHA512
5f93cdaae86b31ea425d709f9ac03970b27f882c129deb9a0e7a04888b89f2520d4c4ec71600d5fedce142418a64c0508a30ddf42baefb00ae3b9da1ac35378a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f1d2c7fd2ca29bb77a5da2d1847fbb92

SHA1
840de2cf36c22ba10ac96f90890b6a12a56526c6

SHA256
58d0f80310f4a84f687c5ce0adaa982eb42fe4480510399fa2ae975d40bb8bc5

SHA512
ede1fafea2404f16948fe0b5ea5161ccee3ee6e40c55ff98c337eac981a6776b9c73dc030a5c59e4347aec91259f497539206e71949c33adcecbf2c846709e14

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4c1a24fa898d2a98b540b20272c8e47b

SHA1
3218bff9ce95b52842fa1b8bd00be073177141ef

SHA256
bbcc378fcbf64580e7a48b4e7ca9be57fa0a1f2e747f488325685bdb18d73a95

SHA512
e61f196e7f1c9a5fe249abe9b11eea770fb2f4babc61f60b12c71f43e6fe9354cf14869daf46abc2c2655bce180252acd43c10562a2dcd31fa7d90d33253820e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
384fd5eea7b0eb3892e6649d6d16446f

SHA1
c5d1dc7f15a18784d0d671906f9745b18911e852

SHA256
30610f2785eeff0aaa4eb3daf173324ae18e75da3d7fa18a4b9c706df0b48049

SHA512
ec6f330ab43b8fe2d3820c3370b4c9cd6799fa9e04a7e254d4bb4c490c539525a3fe59975175e6ff9aed81f0f7f6b65120aca630ba8ac0fa6ac5f76e8249511b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6136c8743c26c0539e20768df4ba4753

SHA1
7d887143c1f1790da7e07ec5abbcf357697bda1f

SHA256
a0ee2a65bf7a72918af2954cd72f034d2933403337d460646967f648fcb0b026

SHA512
fdfcf7fca06541c2d26e438321aba800c5afd4897dcafa4bb6d83cb52fa3b000969db547580492f4bb89d1f848ae8c5b32cd9b88de32e408c4001255f9454137

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f87e4f8d298ddeb5f67053423c090eb4

SHA1
6da6ecc7cd5b5a8135173e46e039392a5e7b6a30

SHA256
87bdd842d7691b6149346cc5bb9e6468ead7ac89b4008b90c081f0bf9e617f5d

SHA512
0abf05ccbfbe53828de70f5b6ff4892449f608adfc48ec071554de66126c368a8535305c2f515fd4c5e326777243d3507bb70d420051770fdda4b9b5b61a644c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\5e0479bf-2d8b-455d-9373-1d14c244a435.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
62KB

MD5
c813a1b87f1651d642cdcad5fca7a7d8

SHA1
0e6628997674a7dfbeb321b59a6e829d0c2f4478

SHA256
df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3

SHA512
af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
67KB

MD5
b275fa8d2d2d768231289d114f48e35f

SHA1
bb96003ff86bd9dedbd2976b1916d87ac6402073

SHA256
1b36ed5c122ad5b79b8cc8455e434ce481e2c0faab6a82726910e60807f178a1

SHA512
d28918346e3fda06cd1e1c5c43d81805b66188a83e8ffcab7c8b19fe695c9ca5e05c7b9808599966df3c4cd81e73728189a131789c94df93c5b2500ce8ec8811

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
63KB

MD5
226541550a51911c375216f718493f65

SHA1
f6e608468401f9384cabdef45ca19e2afacc84bd

SHA256
caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5

SHA512
2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
19KB

MD5
1bd4ae71ef8e69ad4b5ffd8dc7d2dcb5

SHA1
6dd8803e59949c985d6a9df2f26c833041a5178c

SHA256
af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725

SHA512
b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
38KB

MD5
1806db26c5d614e263c1cefdbb1211b1

SHA1
412443dfdf346d3dc2d68e30cf717b402443f939

SHA256
5c191b166a2ad5f70572dea7fd656306623e3274a544d8e084a3c5f28b9acfa2

SHA512
43ffd45fafc2063328297193a992dea6e8d389943b3d39fb393e74d8bc64ffd50017be0978cc9b1c1e1242b88486e36d5b33840008e2482098c79814de4ab2fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
37KB

MD5
d34875fe1c47517f4081a1e2c5bc91f9

SHA1
204fed3cda5eea26388e139dd1600682e7665cf6

SHA256
aff6fc26fb0c69a279bdf9b32b4d2560cd47039470cca8248534daf8d0876186

SHA512
aa164260951708910e1cc3d83c17f2d176427dcbe53e1e13cb539d65317a1750bd1e482850049e9c126aa5e70fbdd72db13d50367b90c8b8b37f01a264ecb148

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
20KB

MD5
b701fd5ce841ce90ff569c641bf0cbfd

SHA1
923ef9dff528ad65b6f135828aa39340be591a9c

SHA256
26ac894bd46903e9b8d08bf85cf4c7795e88f7c9dd85717b7560e16acc007fe3

SHA512
67d8cbd5ca9334aa5c784bb73b2057d28e2a3687341cd62358b5c5211ba833e10909dada2069b49b0ef328c1a40d8e02b58d27385e3d944eacde240a4bcf2fde

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0720badf6795a0b6_0

Filesize
3KB

MD5
1c340dac4de5efe002dc26d5a5d31c3d

SHA1
f10ff414d52cc79d9d39f1665399edf823f5c1dd

SHA256
e4eb61e0d7652849d67b865a9db7724f61097d7d569b941a845bef89296ee817

SHA512
92a3f5673ff8a8fee0421d52e173d9fc1b5a3f6330ecc61f370b9adf02498fa7c8c41bd4da74e66649384407104e791633fb13d535f6d6696c69fd6290c8d8d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\163cfbbbd670a71e_0

Filesize
4KB

MD5
3d39cbcc19b50389182be409133c3f56

SHA1
562ef9a75aa29ebd3b603ad956649458acec5162

SHA256
f67792bb366d65f73cd7832e81587b4e7577a1db2b1770b5946fe53465167dc3

SHA512
7034561245f881d0af0410cbe82b090597d447ef06e2efe7c9320b338ff5b3da80ffe8445a29af4301293026740d3cd2d46ba3e309d3bfdff7520225beee9d79

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\478c519de6dea736_0

Filesize
6KB

MD5
f208f6aed92ed55b0f7bc59a4d3e498e

SHA1
76870c8b3748717e78b9a5f6b8b0069dc7acf422

SHA256
e7b2e3ee41aa2bcf2c4d7cfb1d5d8fd2edea6bf6a8f8c7d7b42eb19f8ea23a7f

SHA512
7c6ab9ddc21f0e15a734ac2e60ff93588fc692de7bde0b13c96b96dbe916bbcd8f67be30049cc6b37c4513e314771ac1835984a320a6ba09e5b8cd96b5e7da33

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4ff4b179c1c05fed_0

Filesize
1KB

MD5
53c55040ab1cbf08fa5536fd6e30ee63

SHA1
49a199e9bb0dd6c91c00fbb7dbc2b0e758116917

SHA256
1fdc108bc0284b0416c68d2e36da68e92a6884c623353f4bc0a9742b3539b23b

SHA512
06e11b8cae1d0075eaafed6aa3ae57cc7a90c0ac3c75e669bbfcc4c5347f10ff96c5d5b1ba1aa5798b04ce3a54b2b13edc6a1c6d01d242fd27f03ad07ede009d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b9c9659837be687c_0

Filesize
1KB

MD5
110b85bd4c9458458d65d3eeea647c94

SHA1
b1f69e1a4dcd26ee5041b5d2ac49a06ea46498db

SHA256
b32f423959ffad37fb2ee2ba6fac5ec1561aa419d805b4ce441926f2bb813188

SHA512
f9bee15bbff1d98b457ec575255342e2ea35f8ea08a4e3f3d83cc77f925fe368ceae8e8b96f2cb4c8bc5b2b192298dc1d0fac6428fdfac0847777f16ae0d3d9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fbd11ea5cda006cc_0

Filesize
27KB

MD5
4e47240004aad7f7b9b1b8d3a24082fc

SHA1
1fc251b12134084f578765a79db5c51bf3906c94

SHA256
1953ebab1e183923c96fd4aecf570d7029b9995ea4657dc75b6392a2d851d149

SHA512
f1836b6a688bdd91e22a98642f6bdf10b251b541976f85fda41c5d9e3d43c2dc98b9de5a3207c9685119eec4f5ccd16b3ef79d416eb7fa5eb376a52c486e4c4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
2adb208db812d6900e8a3b1a80e44eb5

SHA1
2a23149fa167d68d2510cb2b301e2937a5d9804a

SHA256
42bb6a49d813b18d7a7c817c5501a870fd07933af33b1496c2a889a0a91c5e78

SHA512
50cd8788db4dade74f6c373936a27b24c7a44ab09152b30dd6904bf888c2c8b031015638953146aebd139c49af07bdb7245db310e22d8d3ed56de6f50dddd272

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
1f35fd31213e1b3b62a3e586d851d5ed

SHA1
bcf37b398a03a05e97b2f95b6c39758115fb0695

SHA256
9b5f7ca177ebc8c5f2d4947ace12cc995e3633d5de76b068cc105a7e7e283529

SHA512
93a4e0dd2058c993c688fe57b3137246ef6a5813f81f2994f4385dc71f9096d40f9a1fbc86b34147e8d2267f879fb047143cb8efeb6d1baf7c837f9a0f36bfe9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
242fde015d3be0e629fac333eb4fe883

SHA1
b21a65a2ac4085d85983f1425b3af1142fd007aa

SHA256
5fede8184b7faf0a4fb5905dad5b41785c51072b79e8f2b49cdb17989deb5fa9

SHA512
a074f13c8f0555fcca2f3b02e04a8397be1f39511cfa0afe99ad2a5065a1b8dc0b0b7a0dc1819665500c348244c6a3682fecadd0938efe97604ab0aa647a98e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
954df77ef4d10727782a4279289da8ae

SHA1
5087774b9758eb14e50614a9d3cd08c475329781

SHA256
6db170c5cec77dc296fa1d39fb6ee62e4196c8cceb7b893c9c26ac49d8b940f5

SHA512
ed04dbc64d5cb60003fa81a94671c60977b6e0fdf89d75388389b7d47176eb8c825c4d9d58e58518fbbaf357089c0e4529d9c964f640b17d8b5cbcd036d131ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
788B

MD5
2d2d0f121c31649b1031613a40e91e5c

SHA1
a8a8f4665aa92f21dd77030a817f34e670bafe39

SHA256
065e4c714f7240615c5d239cbc41fa57dd0018ff7b7035a1dd2cd84c7c11bd95

SHA512
f09ab68569e90d2b87af53470836e2bd8628f4925911e7effc4c793a13e6b356cd7bc8469b43546808213dc4d3bff68c265cd2f5111018e1f0386b56eb1d56f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
cd11bcf0b228081bca0958ff465ea82b

SHA1
65f2c2214ca5ec0b595fa443316eec477cd0ed8e

SHA256
416ce3cbccb18f4fdbe1d8f48baf6073aec267a99a25b417ba0a20aeccada63b

SHA512
d0f4040369f4225a5e9d37439839a505fbfaf753b6d96afcc17a81f6d245c5b2d941a5ba57c9f241563b51e95c613d9c6323981478bab6af2ace967c32e1901c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
c0e124aa70bc9697edb4fa44f928d49b

SHA1
0953ea64327619f40e47da85a2d32176b4aa9ad9

SHA256
5e0399a45c59b6ce0fcaa309115f3f038d4095b77ab8eb4929f553d72288fb4c

SHA512
635ce171d0b70d3c5d766cd56d36aec93881446f6427876302bc7aa26f45ef8728d712aa472daf7ec3c8efd52f0a0de8f9bf217320f0b027a8b0d747729cc4ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
f9742f360a3cc0c0a387649ef14400c4

SHA1
9a1e3bda32ffa388b3fe37ee2d2f088eb5a9f0fd

SHA256
bb8fa927fe7c0c501920cc1e00534e19f5da707b5211a5143eed94da187f0185

SHA512
9982bdf2c42ea6fb07e9215f5aac104ff9fe0971af822d1d356537af4ca96e643217d47d4a1fe3a7edd08213cbd5bb60524afc7ca0bfae182c38ee8593ea8391

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
8c3b3578462bf539aca42752995d3d5b

SHA1
a7b645b41414666b7a8760f0c3cb46c0eee9c35d

SHA256
00fec425f3dc88fdf6212264265b1e39df516e5d5d09e77a5633aebbe9537e45

SHA512
3f97a70496de2c6c8f99ebf6963b56ed9a8a2d980ae2be5da3d19c985f8582b285fd5b888e381f7d5a1acba4d16266f897403ca5c7d9826c3200b0760b92e08a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4bc1486e972d8249d3c2e22cc78c9895

SHA1
d3a03d4af9c8eeb56e6a19a130a1030f3235d5ce

SHA256
46ab2687f6361c775e9d740a81677107c6c7a09d4641df05e1ab8a5579f51361

SHA512
c4b21ff6b7874c792546527968156c3cfb2a4133e1db35470cc35c7f0230c631083edb2528b9a912bd60e6100a9575951a64db96a7ced071bf626fe3e6df1d55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
55cde872d9f230ed8670f16287a3435d

SHA1
9679f7af84d93071acb0bc792873aa07f57c4e74

SHA256
51a10b38f9dece8fcbac4fc9c6f244df5358c317f8dd92af2418bb18d9860c14

SHA512
45685812fcff9c97f51a05f10cb637d98c4725e6d816d9fd1af7a634d9237db0fd43c96d62c1496401a7918164e926c2e0f0168e654bbfb51bc4b0d650afdaba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
7ec7f6e039ec00a34794d9c4d497b0b7

SHA1
f6b9fce0c6ef2ccab12480370a4ed727a0a967d8

SHA256
a6cce86d9989bed79660e3546f25f707cb6930e44969369d45e7e28aaccce88f

SHA512
27cd602da94bb43080a2d9a281d66ed9f3fc725a0d360f76e2a1a8f91014a78a15bc50f369fcbcc54b018754f56787a944b99720f820288c9cffb7c7934d356f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
fdf12fe2bab151975e978753658f760a

SHA1
7f43414ae57c289d6ece7d53d0c00c6fa9561d9b

SHA256
0ebb87253ac9b776327c8764e3fef6540a6dd2e16a83bbfa00bf2bb703461423

SHA512
e1293ac8309a3df46c4ff862e016737a5830d24ce62b3d8543671627d3ee605c6773ae4a461300b461f006633c417a11d460c8635b891ebe1f7ca60e0d492fb7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6249654d26ee0735134de96d115d0397

SHA1
4332a50bd6c88536da98271fcdec1790b342063b

SHA256
a8a4d746f6bec7f9cfe66352f0f7f68a7a8bd7c9a9a27656db824c39328922bf

SHA512
08a882092b5938c5102e923936da1cd5661fc4c29df8af58571557813d31f132723975b0d82d65bbd3760bc67e1fd726aa7e21b26ae0babaa9633a22ab4cb96c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
f1eac163a302f99de0e6c6e6a2e736ba

SHA1
2f04d0713755b4dd0adc57c344ced695f5b1fc80

SHA256
914a37c97c50a26122c6a26a854890aca185c8761860d6132c896603aab0a142

SHA512
140c3913535c262efff3e6c4a86fa19fdf73d464658990a92c5d1cf5157fe4d2ebb65bc3d0fbd32373cae713cb65591cf30eefe334d0a82c8244e6ba71b48cba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
2ba19715b93422cb0d500f113fc1c841

SHA1
595238456d1df999972b27b200c2dff76c1343b1

SHA256
5e615cbf05d56084ed9603417d501f581214b13f0950ade10b966173915b2785

SHA512
70290083e3bd1ba757f5a6e4ffab4c44156ec09ec93c4c8734aeae0c43cdf06e509ed6d9421e9ce124dff6835aa4004a2cc2dbbaa64e9eb79d9e3a6100da32af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
5101d6449e2664599dc59e02a0cc9f39

SHA1
85c08c394784c28cd8b8cfd4ee75811ff0f3d90f

SHA256
9fba28dd5adbc979b2049d92d0d2388e6e46b0aee5f7d4e6ad4634c02d96059b

SHA512
22a9f7f65f29488bc3aa5f3c97a232ef02fe49c28ac08b0e16ca4fdcfcb3199e9a9d2aae8bfb037d8a85b7f9fe016b6f826f5f3cb75ae6f382a5f1df67f4042a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
44285821e8e63d44188ac3a0312d5407

SHA1
74ec72438c8d3db5096365eaecd41001bb49866c

SHA256
8932e5010e9ae3c3707898da6eb6aa5440fe4276478931f52765863723b26357

SHA512
91680ad1459a5b8322927e1485d9690cefe7c5a7dd8995e183816ea49fa1cbd6bfc1f1488872cc7a06173788e1189755058d41880cacc4656e85421fe40d5adf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
cd19412f3ce9c0d6f3a5d8b0d4216536

SHA1
f5df83ff3eb06278b066037a312e047323c1ce87

SHA256
a5efa2796f289f9c9767ff7ba6115abadaa57e3ee5642121ecfa661a9baa340a

SHA512
9145b2aed4887b8977c3c9813413335fc1668902e18c5e892190809ce1fe4cdfbcabd5c4e9d17f4c77d4da21d76bb1809d2c24fbbbb9f9ebffaf0e52b76bd462

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
5bbd0700fc94c0824c38f4409bf9628d

SHA1
67a57f8ec7da432fee7186aa5e24e447b9189f3a

SHA256
1faa9b7932dd5337de92c9ac084f302fc548bee7626488f198d030c47ee77dc7

SHA512
cea622bb961022b960b7caa084c7a287ba9b09df20a24bc882a95bd7d8ac19cb3e765b2108d281a4478120f73e1e7546ed7d05b00107217d37d94c63da81fea2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
a4161202549a4f2d1539f6773e7494d1

SHA1
c157a08795b60792a4d646b72204662341726cc2

SHA256
e2a89b430329ce6d3bf388785e368d95439fe59e8d9e11caf9fbe03f0a808778

SHA512
21beaaa627a9626e8c515e272e839369c2d5f37a19b7e3adfd34b669332a21147312deb06fe08a2a3199fd8d60a74bbe3a4e0a46d2c1d2d3ce8915634e5d3df7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
e6dd68b469a626ef586f7a2aeb902911

SHA1
bbf3bdaf9b8758e0428082a0a5267eafaa779448

SHA256
657880cfc8726b18803578e120879be3905d5cc728d732b02a057339e12a6198

SHA512
65c149c1b48170c7dfcce7523891b2eb2f320b407f3f7079d033b9f7f77c54fe6204f8c40e81824d830b7511fb42599f51774b55a075932426f4652c288edec4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
09960a3c28a3fea1cbf17364cb1ec8cf

SHA1
ae84239ada6e888867762813ced9d7d3ef42c47e

SHA256
b9f846ce7b534bd44bdaf09c52594fde61485e457ab563a8707f15479a95f6d7

SHA512
506c7b46215dec0ea0727891da7b7f4ac3876f7895685bf380d3bee67539a1fac4973461343de3636cffb47b57c653a99df5f562d9eb78b5ced2631b3d5a4ad2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f9307be4eff66cca5ec2a7ac38f81227

SHA1
93768908bf86467129ceed9f2e87f952b8289afb

SHA256
3d5d7b7236d4f216f35ba8a152a2de2cc615c5296dbcbb437ccad4078fbbd456

SHA512
a353f1d4b8246e4a6a14e41816120b6d793c821be7c02d84c2bfeb9c13e75636925fe7eb7a266288ff78039694d59489b1fcb501c2a2b0df70dced2920f6171e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
33941d4d4c77a320fe6d7388f8718f32

SHA1
ed1238d9d7c9ec366d1e453bb8a3d1b514354b83

SHA256
56305a52a62f073c79a4723544f310b8991ad7f99af5d723127ff8d6c892102f

SHA512
eac32df048965dff4c8dcbd285ecd1035714adef6150123d6610d52d3837e8aec111ff685b6e2fa6deb7d8203465568527ef4e6e39e65f20de48adf5a81bda2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
e04b311e1a26f3d69855fd90f1ee3e6b

SHA1
10a2913528495fd5cb95390c34d71dd1fa27e8a2

SHA256
31d3712ff725763476365938877535044aa9c8b21d981ce4daf2ac7ece44f80f

SHA512
2232e2648e0a4c276aea44950f4c5c85563de506d1505a528cf76b112b59b7d69f77a8d4a0994be38a73027fa6ebd25dea17318cbba9b2e8d2f973e891f3e1b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
079f9e3fbdba8dba5550817c9c3285f4

SHA1
473689d40b24fc29efb25e297f024f3054f30543

SHA256
8dbb8903de2367058324948901bebeb466e8d80412a53239e5fd51d71a42f36d

SHA512
ed18bfb7934d38957024d176647f8957a980c73af5abec5e57c7a698b3897aedc12b2e10adf63870830323074035d0e63b4df424e9e94599689f0e04fa68b1e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
997da262576b17739efe949a386c56e9

SHA1
97ad0bf10af6b1cb5b10b0095bfb7b20c8b43964

SHA256
a08f1c78993af86929d2c73f88b8b1cf2e596a08870b09de44d16f1ef7ad1a8f

SHA512
77c2abb4d13ca90efa89466b68fae888c37b98f9c952e42b75d1b5f3200087021230f31d6c5976c2d827113a9195a10c2b02b1c04dea4d7cdc30caaf45f45718

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
bec4d060dd3acb81405e40e1d6ece823

SHA1
ce102554263f18f3b9f28b24659449bdbd2086c4

SHA256
6a1a9ed32bdadc9da686f19175ba83b7858fc85c0731fa221ae8d7749da636ba

SHA512
e78c3114c4fa35369038dae33897bf1e587a91cd6626a07b216b4844ce7881e136ad1b11c98110ee0dc604668ae15c8865d0d1acc1d45dd56100056329d61fb7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
b1925e4eda134f249dcf133f3fad7e99

SHA1
5ed88abe38db6231cd4d854842f7d1ae202c4ebd

SHA256
beb51bb62f117daaf69d650fc316c3dfe1bdab20d136b4c48a869b29d3fcc63b

SHA512
adf66ee9ebd174210ddc27f3668db08d98a9f1f1337cebbf25a26df5130147cb07bb68d37cd6a87399d4de839f0e2c7aec504d5c64a736f2d294143c60f5ef2e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
31c3f9e473cd5c742158f036f5dae135

SHA1
3c6d4768f03cd8cc000d28ba196f99d8a7e9f935

SHA256
dc6f03786b3992e8b246d9f538e740317bc41ff736442444c6934de395f82431

SHA512
906a4d8fac1f6b97a48adecb3d0d9bc2b8738c9e58b21be3fb42835ed93d97d125468b2ee6cf021f8af38290d1888b4016b81171cb36afc4f61b1eb685f4d3c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
93d1d7942c01c16cfc07b2c94333796a

SHA1
b709ef05986f089f989d913e9ea5ed001006e800

SHA256
51d659a9c55891377adc725adb5204e8abf6528ae139ad6d31740630aaab2951

SHA512
955ffb9d1688e7ae88dba9bcd8c0c55ff29fb4b0bd72a2f65be4a3a70250781180d653ab205214f7380aa58d8845d2119f8c7aeaa4abc0530a1579ec176642ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
778485e77baf20634c0b583965e3dd2c

SHA1
1f26d4f817a239433dafa83ee1b7795835c11d0e

SHA256
47e28fdd8554f6c16e10109255f7ddc2ca71a2e7f63774f9788eb79e188fc598

SHA512
89d4ceab9cbcc523ea5c3fe54cf31b1e4083e8423d612654f1bde2a0e34dfa8558ca55fde4a930a3607f4e50033024c13e5d85e272d3ae542cbeaca16f36e92e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
c99cd7b5bcbd01d2bd71fc9982df1bb7

SHA1
874fc20b7b32daecd494f26f38f11d431e22fdc2

SHA256
0c8a8e6d5e1aeb9eea221219b732ab9618cf1b08476f1395cc29c01093141825

SHA512
30c929b3d39cd9b41cfa905fa88dcb9fe45766e011b4b8f14e558c91192756d54f5a0d52a2ce0822311d83dea082c6ba6807adbd76b5e7b65f90df590fad5400

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
9b3d39ce42053046081483d80fe6c4c8

SHA1
5577d6a911264ec12611c1f6d59b8a75358b3846

SHA256
23f0339ee01092beabd882f391920c7eb42115fae23a5c413d0f341e15e7faab

SHA512
c983127adad34c90e712b89e5bc3f75668fceb57059f6c0ee5b64b2efddd27e96efa4be99d2d836bb8794e35cca71725745658aef40ae3ca22cb5cd49bfe6861

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
27b58bfc27f0764325c80a69d56b34c1

SHA1
efa728275eebc8b396a1834ad9ec7623720ea634

SHA256
79d05327b92ed6ed3c16e7ee8019819f5b86b7846830984b52b39b96e0e68214

SHA512
9a0baf0aaf51daca002efa21e250e4fd4c0af11c9a4c772d4f574dde2115e67f4947845157b067f0caf4cb5947aca0b8000cb7dd8de271f628b5717c4e2ddffa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e67a7aaf3ec8569ace6be3151617b5ef

SHA1
1568575577be47c12d40d9814ed05aa233c6864c

SHA256
7c68a56b9705356ffd73af7b381d470c35eef903605b7bec7335830b047af7c9

SHA512
cfbfc7e7f2e79815628923793f8773a5a2aabbfb317f2eb228a4b047d6180555b18597c051f3908a384d39aae5b4617781af762645ae36a9875ac060f2253378

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
dbb898cfba437c8cb1f9d4a385e8e735

SHA1
cfda646628321cbd5c3f80540031258d4f2a6aa5

SHA256
81bdf5da8aa9d3c5ce0a386d2cd37f5cd7e63e665375a382765d8cda7af6527b

SHA512
a6e238a3659b3f2bdc419608bef3aebb171dd233c9422c1b6782d959c95ef9259c8ef5c5cb27082375fd0bfb0a027c47b7234ac271c5fb4441452a234b4a7120

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
2834efdd8b64d429b25c7cf29a89d460

SHA1
881d87f83d95f36253cab3b7bff58dc91777bc9e

SHA256
86761d7b1e506e0c2cac747e310092da4f1dfb294306342dc7a509bceea74ef4

SHA512
26db20375671bc2f5362034dbf47a1d65f85783c7f89bd729c0598ecb05d7b2c24ffa66b9f762210f8aeee920f1cdb3114279234dace61ff64036825274dd4c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
fc67d930cbe0f35eb7619c4778f9d378

SHA1
fbf5b6eb4ba884b2bc86d6c730aac2be5c7d2af7

SHA256
5cfd5242fa37775df4ab772abbf3972f4711b48e1bef522a1a6e4075c8960e35

SHA512
426de7d8b98b2fe83eabd4b113ce0b9d6214796dd14eeb55bd9b6c126195d6b775eebc5499110f75bf1c7f89808e3c29fbc0bcaf91d534791926f1777cff8234

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5bc938.TMP

Filesize
534B

MD5
d6796c1318cf4b7700e0dee57b9d79ae

SHA1
19310bd6c11fc400633ad0aab9ece1f7d88bb2c5

SHA256
c6f5cefd983aadf99907591672ba25f7aa75eed9214777156856e5c93aa72dac

SHA512
071ba148516cba471544da5b7ee224ca714d7e549f1165172bf81bbc8c79e969869c25f7eab1470993e3930f85260f1c2d642356babb03dbd781422746184fa2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
824125d7a7c7def5bbaa420999fa3ccc

SHA1
e312767a6ae715592f11d17394e462cb4da13f2e

SHA256
c6e1c51204aa036a61a6f63a795ed26a045ca83fe898ef944f1555d163f7b25b

SHA512
ebe518f2452bcecff64382aff79510a115a1f3834444d4c1a1741f6a2dfa8ff404f101dff0bc9fd5ee47cc699b12de5a613c7f5343a2ff4044f94c231a10e978

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
56344dc079dc620c1cb82685d85dfc8e

SHA1
89c02e5764b9f62e4e6037c979db7f30bef0234a

SHA256
3574c2d13ec55e8f9ca58c710330804a87cd3092028305229f6725db77dcbff6

SHA512
8fb22c4f327bcb9cce814da1e95bb3126630612d6f6fb5706b2f3b216284287efc181a45f70ba7441b64104dc59234c09bd6b7bffc6320918104194b28ac4688

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
85a164007f5652742160faef675a4266

SHA1
29777f92b20a2994c55371be7490adfb211e8936

SHA256
bce478dd59f4d553072d7d7740e252f5cdc371c6f06c6d49bbd3894323b31ef9

SHA512
16737a6bba62ebc88984ef6be9f396fc44cdfeb5468140cb01ef0945f18ee95e8e6d154d74cb0c3a38d3ba5ac89eeafe9f4c5c46ce19d9a0633e4e2978e674cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
17ede551bf12340c5c790f591a13c231

SHA1
69cd87a470d2c62c9c9f48484b8fe1ab17b4fd2d

SHA256
fba06a0d9dc5b5d0b8b2a9ce81b6a9c4aa794af009de5f993bbb00df4bdfcb31

SHA512
7d6eb389b83a35f98ceec324032548a00ecf7459a3f2276c60aa7db6cc04b696b5044553f3a4c1db653dd32819ab8d76e943596fae5636a40ae0cdc6558c0f16

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
10KB

MD5
327975ba2c226434c0009085b3702a06

SHA1
b7b8b25656b3caefad9c5a657f101f06e2024bbd

SHA256
6fa9064f304b70d6dcebee643ca017c2417ff325106917058f6e11341678583c

SHA512
150a57c143fc5ff2462f496f5a9451310b8d99e32c4d570641204c8062a78590f14bed438ac981e8b0609a0c87b859a1f8502a78687bc36c3a9529d633a58e51

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 204727.crdownload

Filesize
2.3MB

MD5
1b54b70beef8eb240db31718e8f7eb5d

SHA1
da5995070737ec655824c92622333c489eb6bce4

SHA256
7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb

SHA512
fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 293224.crdownload

Filesize
213KB

MD5
51909a12f82c373c3f73f4fa9364b61f

SHA1
61bc327380b3214c7a265eb945b81b87d247981b

SHA256
ba57abaf04d7415fc1c51d7c93f9ae8768d3a1aeba8a74039864bb97345ff606

SHA512
b23139bdd694ee38cffc65cd04c3e4f6d8695bc854b2344f41fa2ee64103bdeb17db004d5a4bb3ae0de251f4a2ec7de085fb4d11e1206c9a56211b12c375d8f5

Download Submit
\??\pipe\crashpad_2876_DOAMAWJORAFRMJSI

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
memory/1636-2473-0x00007FF7DAB00000-0x00007FF7DABF8000-memory.dmp

Filesize
992KB

Download
memory/1636-2460-0x00007FFAFD950000-0x00007FFAFD961000-memory.dmp

Filesize
68KB

Download
memory/1636-2456-0x00007FFAF9740000-0x00007FFAF9774000-memory.dmp

Filesize
208KB

Download
memory/1636-2461-0x00007FFAF9B20000-0x00007FFAF9B37000-memory.dmp

Filesize
92KB

Download
memory/1636-2465-0x00007FFAF8DD0000-0x00007FFAF8E37000-memory.dmp

Filesize
412KB

Download
memory/1636-2462-0x00007FFAF9A20000-0x00007FFAF9A3D000-memory.dmp

Filesize
116KB

Download
memory/1636-2459-0x00007FFAFED50000-0x00007FFAFED67000-memory.dmp

Filesize
92KB

Download
memory/1636-2464-0x00007FFAE6D60000-0x00007FFAE7E10000-memory.dmp

Filesize
16.7MB

Download
memory/1636-2458-0x00007FFB01B40000-0x00007FFB01B58000-memory.dmp

Filesize
96KB

Download
memory/1636-2457-0x00007FFAE8040000-0x00007FFAE82F6000-memory.dmp

Filesize
2.7MB

Download
memory/1636-2474-0x00007FFAF9740000-0x00007FFAF9774000-memory.dmp

Filesize
208KB

Download
memory/1636-2463-0x00007FFAF9580000-0x00007FFAF9591000-memory.dmp

Filesize
68KB

Download
memory/1636-2455-0x00007FF7DAB00000-0x00007FF7DABF8000-memory.dmp

Filesize
992KB

Download
memory/1636-2475-0x00007FFAE8040000-0x00007FFAE82F6000-memory.dmp

Filesize
2.7MB

Download
memory/1636-2476-0x00007FFAE6D60000-0x00007FFAE7E10000-memory.dmp

Filesize
16.7MB

Download