Overview

overview

8

Static

static

1

URLScan

urlscan

1

https://drive.google...

windows11-21h2-x64

8

Analysis

  • max time kernel
    565s
  • max time network
    500s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    30-11-2024 20:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://drive.google.com/file/d/1oda_K2iuKvgO8Fzf2L8HIoznzYSTx0pJ/view

Score
8/10
defense_evasiondiscoveryevasiontrojan

Malware Config

Signatures

  • Downloads MZ/PE file
  • Executes dropped EXE 10 IoCs
  • Checks whether UAC is enabled 1 TTPs 5 IoCs
    evasiontrojan
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • Subvert Trust Controls: Mark-of-the-Web Bypass 1 TTPs 2 IoCs

    When files are downloaded from the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier with a specific value known as the MOTW.

    defense_evasion
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • System Location Discovery: System Language Discovery 1 TTPs 10 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 12 IoCs
  • Modifies registry class 11 IoCs
  • NTFS ADS 5 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 2 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 37 IoCs
  • Suspicious use of AdjustPrivilegeToken 5 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 35 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://drive.google.com/file/d/1oda_K2iuKvgO8Fzf2L8HIoznzYSTx0pJ/view
    1⤵
    • Enumerates system info in registry
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1884
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc3d2e3cb8,0x7ffc3d2e3cc8,0x7ffc3d2e3cd8
      2⤵
        PID:876
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,12174936499979223586,18158151779138441997,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1908 /prefetch:2
        2⤵
          PID:6052
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1916,12174936499979223586,18158151779138441997,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2416
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1916,12174936499979223586,18158151779138441997,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2724 /prefetch:8
          2⤵
            PID:5204
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,12174936499979223586,18158151779138441997,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
            2⤵
              PID:1268
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,12174936499979223586,18158151779138441997,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
              2⤵
                PID:4464
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,12174936499979223586,18158151779138441997,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1
                2⤵
                  PID:4956
                • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1916,12174936499979223586,18158151779138441997,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5772 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:1944
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,12174936499979223586,18158151779138441997,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3644 /prefetch:1
                  2⤵
                    PID:5620
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1916,12174936499979223586,18158151779138441997,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3904 /prefetch:8
                    2⤵
                    • NTFS ADS
                    • Suspicious behavior: EnumeratesProcesses
                    PID:3640
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1916,12174936499979223586,18158151779138441997,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5912 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:4048
                • C:\Windows\System32\CompPkgSrv.exe
                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                  1⤵
                    PID:3460
                  • C:\Windows\System32\CompPkgSrv.exe
                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                    1⤵
                      PID:3464
                    • C:\Windows\system32\OpenWith.exe
                      C:\Windows\system32\OpenWith.exe -Embedding
                      1⤵
                      • Modifies registry class
                      • Suspicious use of SetWindowsHookEx
                      PID:2156
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                      1⤵
                      • Enumerates system info in registry
                      • Modifies registry class
                      • NTFS ADS
                      • Suspicious behavior: EnumeratesProcesses
                      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                      • Suspicious use of FindShellTrayWindow
                      • Suspicious use of SendNotifyMessage
                      PID:3628
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xe4,0x10c,0x7ffc3d2e3cb8,0x7ffc3d2e3cc8,0x7ffc3d2e3cd8
                        2⤵
                          PID:3236
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1984 /prefetch:2
                          2⤵
                            PID:5172
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 /prefetch:3
                            2⤵
                            • Suspicious behavior: EnumeratesProcesses
                            PID:5196
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2592 /prefetch:8
                            2⤵
                              PID:972
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
                              2⤵
                                PID:32
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
                                2⤵
                                  PID:104
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
                                  2⤵
                                    PID:2840
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
                                    2⤵
                                      PID:6136
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4836 /prefetch:8
                                      2⤵
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:5236
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4344 /prefetch:1
                                      2⤵
                                        PID:3948
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
                                        2⤵
                                          PID:4572
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3988 /prefetch:1
                                          2⤵
                                            PID:5840
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3932 /prefetch:1
                                            2⤵
                                              PID:2804
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
                                              2⤵
                                                PID:1600
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4924 /prefetch:8
                                                2⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                PID:4024
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
                                                2⤵
                                                  PID:5832
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
                                                  2⤵
                                                    PID:1368
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4112 /prefetch:1
                                                    2⤵
                                                      PID:3472
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1
                                                      2⤵
                                                        PID:3444
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
                                                        2⤵
                                                          PID:5176
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6152 /prefetch:8
                                                          2⤵
                                                            PID:3804
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6356 /prefetch:1
                                                            2⤵
                                                              PID:2364
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1996,7638667736072146486,3105773855637240074,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5824 /prefetch:8
                                                              2⤵
                                                              • Subvert Trust Controls: Mark-of-the-Web Bypass
                                                              • NTFS ADS
                                                              • Suspicious behavior: EnumeratesProcesses
                                                              PID:4992
                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                            1⤵
                                                              PID:2328
                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                              1⤵
                                                                PID:5192
                                                              • C:\Windows\System32\rundll32.exe
                                                                C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                1⤵
                                                                  PID:5144
                                                                • C:\Users\Admin\Downloads\AutoHotkey_1.1.37.02_setup.exe
                                                                  "C:\Users\Admin\Downloads\AutoHotkey_1.1.37.02_setup.exe"
                                                                  1⤵
                                                                  • Executes dropped EXE
                                                                  • System Location Discovery: System Language Discovery
                                                                  • Suspicious use of SetWindowsHookEx
                                                                  PID:4036
                                                                  • C:\Users\Admin\AppData\Local\Temp\7z82DADFC4\setup.exe
                                                                    C:\Users\Admin\AppData\Local\Temp\7z82DADFC4\setup.exe
                                                                    2⤵
                                                                    • Executes dropped EXE
                                                                    • Checks whether UAC is enabled
                                                                    • System Location Discovery: System Language Discovery
                                                                    • Suspicious use of SetWindowsHookEx
                                                                    PID:5388
                                                                • C:\Users\Admin\Downloads\AutoHotkey_1.1.37.02_setup.exe
                                                                  "C:\Users\Admin\Downloads\AutoHotkey_1.1.37.02_setup.exe"
                                                                  1⤵
                                                                  • Executes dropped EXE
                                                                  • System Location Discovery: System Language Discovery
                                                                  • Suspicious use of SetWindowsHookEx
                                                                  PID:5112
                                                                  • C:\Users\Admin\AppData\Local\Temp\7z8AA303F8\setup.exe
                                                                    C:\Users\Admin\AppData\Local\Temp\7z8AA303F8\setup.exe
                                                                    2⤵
                                                                    • Executes dropped EXE
                                                                    • Checks whether UAC is enabled
                                                                    • System Location Discovery: System Language Discovery
                                                                    • Suspicious use of SetWindowsHookEx
                                                                    PID:5892
                                                                • C:\Users\Admin\Downloads\AutoHotkey_1.1.37.02_setup.exe
                                                                  "C:\Users\Admin\Downloads\AutoHotkey_1.1.37.02_setup.exe"
                                                                  1⤵
                                                                  • Executes dropped EXE
                                                                  • System Location Discovery: System Language Discovery
                                                                  • Suspicious use of SetWindowsHookEx
                                                                  PID:5680
                                                                  • C:\Users\Admin\AppData\Local\Temp\7z89951630\setup.exe
                                                                    C:\Users\Admin\AppData\Local\Temp\7z89951630\setup.exe
                                                                    2⤵
                                                                    • Executes dropped EXE
                                                                    • Checks whether UAC is enabled
                                                                    • System Location Discovery: System Language Discovery
                                                                    • Suspicious use of SetWindowsHookEx
                                                                    PID:896
                                                                • C:\Windows\system32\taskmgr.exe
                                                                  "C:\Windows\system32\taskmgr.exe" /0
                                                                  1⤵
                                                                  • Checks SCSI registry key(s)
                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                  • Suspicious behavior: GetForegroundWindowSpam
                                                                  • Suspicious use of AdjustPrivilegeToken
                                                                  • Suspicious use of SendNotifyMessage
                                                                  PID:6140
                                                                • C:\Windows\system32\OpenWith.exe
                                                                  C:\Windows\system32\OpenWith.exe -Embedding
                                                                  1⤵
                                                                  • Modifies registry class
                                                                  • Suspicious use of SetWindowsHookEx
                                                                  PID:5348
                                                                • C:\Users\Admin\Downloads\AutoHotkey_1.1.37.02_setup.exe
                                                                  "C:\Users\Admin\Downloads\AutoHotkey_1.1.37.02_setup.exe"
                                                                  1⤵
                                                                  • Executes dropped EXE
                                                                  • System Location Discovery: System Language Discovery
                                                                  • Suspicious use of SetWindowsHookEx
                                                                  PID:5076
                                                                  • C:\Users\Admin\AppData\Local\Temp\7z9034E3D4\setup.exe
                                                                    C:\Users\Admin\AppData\Local\Temp\7z9034E3D4\setup.exe
                                                                    2⤵
                                                                    • Executes dropped EXE
                                                                    • Checks whether UAC is enabled
                                                                    • System Location Discovery: System Language Discovery
                                                                    • Suspicious use of SetWindowsHookEx
                                                                    PID:5792
                                                                • C:\Windows\system32\BackgroundTransferHost.exe
                                                                  "BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13
                                                                  1⤵
                                                                  • Modifies registry class
                                                                  PID:1336
                                                                • C:\Windows\system32\OpenWith.exe
                                                                  C:\Windows\system32\OpenWith.exe -Embedding
                                                                  1⤵
                                                                  • Modifies registry class
                                                                  • Suspicious use of SetWindowsHookEx
                                                                  PID:3012
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                                                  1⤵
                                                                  • Enumerates system info in registry
                                                                  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                  PID:5920
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc3d2e3cb8,0x7ffc3d2e3cc8,0x7ffc3d2e3cd8
                                                                    2⤵
                                                                      PID:2144
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,5281575334281952958,9832359894926931896,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1904 /prefetch:2
                                                                      2⤵
                                                                        PID:4472
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1892,5281575334281952958,9832359894926931896,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2440 /prefetch:3
                                                                        2⤵
                                                                          PID:1008
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1892,5281575334281952958,9832359894926931896,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2620 /prefetch:8
                                                                          2⤵
                                                                            PID:1444
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5281575334281952958,9832359894926931896,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
                                                                            2⤵
                                                                              PID:5132
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5281575334281952958,9832359894926931896,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
                                                                              2⤵
                                                                                PID:964
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5281575334281952958,9832359894926931896,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4832 /prefetch:1
                                                                                2⤵
                                                                                  PID:5088
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5281575334281952958,9832359894926931896,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
                                                                                  2⤵
                                                                                    PID:5304
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,5281575334281952958,9832359894926931896,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3572 /prefetch:8
                                                                                    2⤵
                                                                                      PID:1708
                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                    1⤵
                                                                                      PID:5280
                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                      1⤵
                                                                                        PID:4316
                                                                                      • C:\Windows\system32\OpenWith.exe
                                                                                        C:\Windows\system32\OpenWith.exe -Embedding
                                                                                        1⤵
                                                                                        • Modifies registry class
                                                                                        • Suspicious behavior: GetForegroundWindowSpam
                                                                                        • Suspicious use of SetWindowsHookEx
                                                                                        PID:1120
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                                                                        1⤵
                                                                                        • Enumerates system info in registry
                                                                                        • NTFS ADS
                                                                                        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                        PID:2060
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc3d2e3cb8,0x7ffc3d2e3cc8,0x7ffc3d2e3cd8
                                                                                          2⤵
                                                                                            PID:1824
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1876 /prefetch:2
                                                                                            2⤵
                                                                                              PID:1600
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
                                                                                              2⤵
                                                                                                PID:932
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2516 /prefetch:8
                                                                                                2⤵
                                                                                                  PID:4620
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
                                                                                                  2⤵
                                                                                                    PID:3512
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
                                                                                                    2⤵
                                                                                                      PID:960
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4316 /prefetch:1
                                                                                                      2⤵
                                                                                                        PID:5988
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4364 /prefetch:1
                                                                                                        2⤵
                                                                                                          PID:756
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4896 /prefetch:8
                                                                                                          2⤵
                                                                                                            PID:2160
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5260 /prefetch:8
                                                                                                            2⤵
                                                                                                              PID:5760
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1
                                                                                                              2⤵
                                                                                                                PID:5080
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1
                                                                                                                2⤵
                                                                                                                  PID:1268
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
                                                                                                                  2⤵
                                                                                                                    PID:1908
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
                                                                                                                    2⤵
                                                                                                                      PID:4476
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
                                                                                                                      2⤵
                                                                                                                        PID:5604
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2932 /prefetch:1
                                                                                                                        2⤵
                                                                                                                          PID:5648
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:1
                                                                                                                          2⤵
                                                                                                                            PID:4236
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5136 /prefetch:1
                                                                                                                            2⤵
                                                                                                                              PID:5708
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1236 /prefetch:1
                                                                                                                              2⤵
                                                                                                                                PID:4396
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6424 /prefetch:8
                                                                                                                                2⤵
                                                                                                                                  PID:4064
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6184 /prefetch:1
                                                                                                                                  2⤵
                                                                                                                                    PID:2948
                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1864,7114743436175836097,10720419985404833689,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6116 /prefetch:8
                                                                                                                                    2⤵
                                                                                                                                    • Subvert Trust Controls: Mark-of-the-Web Bypass
                                                                                                                                    • NTFS ADS
                                                                                                                                    PID:960
                                                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                  1⤵
                                                                                                                                    PID:3056
                                                                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                    1⤵
                                                                                                                                      PID:3764
                                                                                                                                    • C:\Users\Admin\Downloads\AutoHotkey_1.1.37.02_setup.exe
                                                                                                                                      "C:\Users\Admin\Downloads\AutoHotkey_1.1.37.02_setup.exe"
                                                                                                                                      1⤵
                                                                                                                                      • Executes dropped EXE
                                                                                                                                      • System Location Discovery: System Language Discovery
                                                                                                                                      • Suspicious use of SetWindowsHookEx
                                                                                                                                      PID:1212
                                                                                                                                      • C:\Users\Admin\AppData\Local\Temp\7zDCFE44BC\setup.exe
                                                                                                                                        C:\Users\Admin\AppData\Local\Temp\7zDCFE44BC\setup.exe
                                                                                                                                        2⤵
                                                                                                                                        • Executes dropped EXE
                                                                                                                                        • Checks whether UAC is enabled
                                                                                                                                        • System Location Discovery: System Language Discovery
                                                                                                                                        • Suspicious use of SetWindowsHookEx
                                                                                                                                        PID:5852
                                                                                                                                    • C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
                                                                                                                                      "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
                                                                                                                                      1⤵
                                                                                                                                      • Modifies registry class
                                                                                                                                      • Suspicious use of SetWindowsHookEx
                                                                                                                                      PID:1356

                                                                                                                                    Network

                                                                                                                                    MITRE ATT&CK Enterprise v15

                                                                                                                                    Replay Monitor

                                                                                                                                    Loading Replay Monitor...

                                                                                                                                    Downloads

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                      Filesize

                                                                                                                                      152B

                                                                                                                                      MD5

                                                                                                                                      e9a2c784e6d797d91d4b8612e14d51bd

                                                                                                                                      SHA1

                                                                                                                                      25e2b07c396ee82e4404af09424f747fc05f04c2

                                                                                                                                      SHA256

                                                                                                                                      18ddbb93c981d8006071f9d26924ce3357cad212cbb65f48812d4a474c197ce6

                                                                                                                                      SHA512

                                                                                                                                      fc35688ae3cd448ed6b2069d39ce1219612c54f5bb0dd7b707c9e6f39450fe9fb1338cf5bd0b82a45207fac2fbab1e0eae77e5c9e6488371390eab45f76a5df1

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                      Filesize

                                                                                                                                      152B

                                                                                                                                      MD5

                                                                                                                                      0864baffb2650857264fa33fa0dd59bc

                                                                                                                                      SHA1

                                                                                                                                      e67b0e38b64fbcd90b7d83c3c0260a6f2c501415

                                                                                                                                      SHA256

                                                                                                                                      cbd11507192daa9dc59a5842b0d83b1bd2f55ae2335523f3b0a3e2c1c9a4032a

                                                                                                                                      SHA512

                                                                                                                                      c6c51efd91ac3d542c0071aed78c8c332d555896740798569aebc6b0c266ef15d0d2e19acc7c1399255890a4122493b7f67bf0c637d74fbeda2fe3b4cde13f98

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                      Filesize

                                                                                                                                      152B

                                                                                                                                      MD5

                                                                                                                                      8b730e71d53558ae0f0be5e1d8691d82

                                                                                                                                      SHA1

                                                                                                                                      4266645fb7c9effc143a2de998cc0ff3cbc6fb23

                                                                                                                                      SHA256

                                                                                                                                      18b008a937e7a27532e1ae8860c031edb390299f476455e9b04fedf374dfaae5

                                                                                                                                      SHA512

                                                                                                                                      a98872c484470e991963c3d6976aacbe598324fa4ca723efabbe977b322c8b0c26a51a14899b6aa08b16970e91d2ece509982beca232cf13faf68b8e6fef5e96

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                      Filesize

                                                                                                                                      152B

                                                                                                                                      MD5

                                                                                                                                      1fc959921446fa3ab5813f75ca4d0235

                                                                                                                                      SHA1

                                                                                                                                      0aeef3ba7ba2aa1f725fca09432d384b06995e2a

                                                                                                                                      SHA256

                                                                                                                                      1b1e89d3b2f3da84cc8494d07cf0babc472c426ccb1c4ae13398243360c9d02c

                                                                                                                                      SHA512

                                                                                                                                      899d1e1b0feece25ac97527daddcaaeb069cb428532477849eba43a627502c590261f2c26fef31e4e20efd3d7eb0815336a784c4d2888e05afcf5477af872b06

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                      Filesize

                                                                                                                                      152B

                                                                                                                                      MD5

                                                                                                                                      964fef029235d4b3994f2e629fbc691d

                                                                                                                                      SHA1

                                                                                                                                      f73d0ec50710c0839d851be07d5d97f8f2c7482b

                                                                                                                                      SHA256

                                                                                                                                      1e509aa367682ddd6c0b3995c9ed9c61286c4d29ea9ae8922f343d971c2b807a

                                                                                                                                      SHA512

                                                                                                                                      37a26acf6074caef740e5b635cc3732287f3e0eb5dd86bdf3663ca7a215fce8bf79dfd925badafeb5fb04d767ccc6e98760bd7f586ad71a9436526a733c88f6f

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                      Filesize

                                                                                                                                      152B

                                                                                                                                      MD5

                                                                                                                                      c051e65766251fba42f3592849509071

                                                                                                                                      SHA1

                                                                                                                                      6fbfe7b6c060d0e91be4b724b8c0ece58b9825ed

                                                                                                                                      SHA256

                                                                                                                                      0d5826cfdf401ddeb71949399493bc0bd8c72b04c7b409cef89b7eacad261fe1

                                                                                                                                      SHA512

                                                                                                                                      107b18f6c432b3511f04c6dfb3ad75d58ac12a90b24c7396f62ac6d04735fef3706339bd2eb30704568b02a33c9cc6856a3a54440e35924abb3bb28d536c0679

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\3e722d07-a674-4e4c-920b-f2b99331c7fa.tmp
                                                                                                                                      Filesize

                                                                                                                                      6KB

                                                                                                                                      MD5

                                                                                                                                      c408fd249b8f85330423e1cc5cf9056d

                                                                                                                                      SHA1

                                                                                                                                      daa876c1f423ba471b5dcced4912b47aaaf41b5d

                                                                                                                                      SHA256

                                                                                                                                      d34930278798d26af40092061fd9294d82eb515c97a6e962473b87524254020d

                                                                                                                                      SHA512

                                                                                                                                      ae338bb72b39542f637f526d4b42809bc38c874015b10d7e3897348a7908c090a442b921b6dd2b257ec4da4628f9abe299c1787f5c5a0d9ce5911e760440b166

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
                                                                                                                                      Filesize

                                                                                                                                      44KB

                                                                                                                                      MD5

                                                                                                                                      b68b648ec340b412e6d1e216fc2dbbda

                                                                                                                                      SHA1

                                                                                                                                      4640120f697a6b5703bdebffc78fd47fe74b73a9

                                                                                                                                      SHA256

                                                                                                                                      ff2a19fafc5be028a1343c08945076a21be85db369e9757c8acfaccd74932a14

                                                                                                                                      SHA512

                                                                                                                                      7aac0924ff1588898d8cd5a9cc88c905b5a613a36deed1ad2b5c3e159f166d53d5098a4910d29b3449ee5e20a5bb289f6ef27cb7518812a25f366cb1058af533

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1
                                                                                                                                      Filesize

                                                                                                                                      264KB

                                                                                                                                      MD5

                                                                                                                                      53f80cc402df6d58e9fe2cfc6412b7bf

                                                                                                                                      SHA1

                                                                                                                                      c7c5ac20d9049d28c8565ef4ed80545c73d1192f

                                                                                                                                      SHA256

                                                                                                                                      0951ce053ff81aedf5e5f3a1f92234a626995d00c68ebcb3a48d4a53cab7ee47

                                                                                                                                      SHA512

                                                                                                                                      2b74a6353fd2dc7d26b00afb03cb8a8d46b0b95185da03efbdf8eab3e0c2a9d54ea84824046fb0ebda264c5fe465268d66543c90523d4a8e5ad24e481a6bb83c

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2
                                                                                                                                      Filesize

                                                                                                                                      1.0MB

                                                                                                                                      MD5

                                                                                                                                      37ff2e48be1bdd4da95286da464e3160

                                                                                                                                      SHA1

                                                                                                                                      f8fa94344edc9aa0a6cc22e213512dd8f27a63c6

                                                                                                                                      SHA256

                                                                                                                                      22d919197c5ec1ff0d32ade92b77463c4695deba4b7df1be593c8b160f305a86

                                                                                                                                      SHA512

                                                                                                                                      b2b6dcf6263fa582f44af3d675415fa6bd4ff7abae93c034771413b6e048612b5307f9e7240c65a1cacfae13ef5d92d6374c9fe5d1ea100770b1b07920d9dac6

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3
                                                                                                                                      Filesize

                                                                                                                                      4.0MB

                                                                                                                                      MD5

                                                                                                                                      6cfd23590b24d9f50d2f41be42c45529

                                                                                                                                      SHA1

                                                                                                                                      1d097aea8d7ec8144038653192b195cbe9341c00

                                                                                                                                      SHA256

                                                                                                                                      5fd2606cf2850102a0f3dadcfb4b0abcae6fa40ea60278c3ef9cb1d0c2ba40a0

                                                                                                                                      SHA512

                                                                                                                                      9367c697f293cad973a68a41ef9650cde2c000e3ab1bd99d35b4d0a215ce97911ee69b8018fb0d8ec696e888a4faf2527c4bff5511eefd753fe0ad1cb0b1675f

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                      Filesize

                                                                                                                                      456B

                                                                                                                                      MD5

                                                                                                                                      e79932dda800e71ecd71c3593f89d947

                                                                                                                                      SHA1

                                                                                                                                      d5503b772b3068c992f8eb3cdd6e99b4bcd9881b

                                                                                                                                      SHA256

                                                                                                                                      745419b54ed25f44a822494b3eb5793b5a565104baf26b67505866fa26ff5418

                                                                                                                                      SHA512

                                                                                                                                      3a9457a0f24459c00b0e1e04e067b2d8fef1f2c431226bbc1cae34c795f1b64ab40dc32ef9e0c7d6983a2b41c77be02e3653cabf2dbac4007b8fd6af60b80ad2

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                      Filesize

                                                                                                                                      1KB

                                                                                                                                      MD5

                                                                                                                                      9d289b337d25387c853275933648b7b8

                                                                                                                                      SHA1

                                                                                                                                      f0473342671a2e92510800d4dd2462f5202c626e

                                                                                                                                      SHA256

                                                                                                                                      00032d6d3af4959f2f69223f771da019c1ad3c9a3190fdb2b045be77464365b9

                                                                                                                                      SHA512

                                                                                                                                      d38d0203895260af7582846a96fcabc951d04de3b2a8cae832abeebebf6b384a85af7c6164e5eddb1a3728b5767f730d77734bb88ffe9fc1e96f299b4c559421

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                      Filesize

                                                                                                                                      1KB

                                                                                                                                      MD5

                                                                                                                                      376b055e0dcc3a7da7d60cb667540d70

                                                                                                                                      SHA1

                                                                                                                                      8bd6f0ebcb1e82caf8a2312f1c4810a3c1239ae1

                                                                                                                                      SHA256

                                                                                                                                      d00370b37aa201f995bb16d420f3c2a1dd6c132741e930591915628868182682

                                                                                                                                      SHA512

                                                                                                                                      889bd95334feac9fe69202d90ff01c7cee023f21d904ea59fa6115d21f152ddf5fec9b947383f1ba2c5464520f9cc30ff2237535bc9ec8a95cff8830b2fa23d1

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
                                                                                                                                      Filesize

                                                                                                                                      20KB

                                                                                                                                      MD5

                                                                                                                                      3ca63ba79ed0620c8132fdd21f460686

                                                                                                                                      SHA1

                                                                                                                                      eef29d04d70fa70bd3a93e2da478e6ca0491a7bb

                                                                                                                                      SHA256

                                                                                                                                      238d46a101a7ad2e7195807c7e33a49e589ebe0f09abb7f5af2a46ecf5fe9515

                                                                                                                                      SHA512

                                                                                                                                      36114d114da3921949cdccf681bf7059994a48d4dbe9f47ae3faccde1b8e1fb63939687b20c425b9e054af646ea1e67ec94e8c22ba3e906903e55dc306dc3297

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
                                                                                                                                      Filesize

                                                                                                                                      319B

                                                                                                                                      MD5

                                                                                                                                      aee0a1f50904e51c89cf5f91478ef472

                                                                                                                                      SHA1

                                                                                                                                      1f651aa352720f0cf9eebb5aba02dc9ab1d3a3f0

                                                                                                                                      SHA256

                                                                                                                                      1ad67f25461f3b102378f86bcf6d6ea81575d96f2efb7dee9b2c46dbf4dcd033

                                                                                                                                      SHA512

                                                                                                                                      d8651dd1d7a9e4fc0081928772e175eaee589b3d901bdfcca8a717cfa63222b6183ba1268bf29a19d1859f481507b5fbef44d1e92bafbbdecb1b293956b43fc3

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
                                                                                                                                      Filesize

                                                                                                                                      20KB

                                                                                                                                      MD5

                                                                                                                                      021a5bb8804b17acbfc912439097583f

                                                                                                                                      SHA1

                                                                                                                                      fc3a20fe6ef6fd459a435fa95fb25f1404dff892

                                                                                                                                      SHA256

                                                                                                                                      e92308a57945433f6eb8343fb63bea40ba840871e74142634d7c2260d8d2b5c3

                                                                                                                                      SHA512

                                                                                                                                      3dba96d0331de6b54fa65ace82bec8d912f272a9e702b0b7a125b36ed17977e0a8d4b583daafc534be1578833485266c3ce302bc246327efb24f4ec029a8bfdc

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons-journal
                                                                                                                                      Filesize

                                                                                                                                      16KB

                                                                                                                                      MD5

                                                                                                                                      b5037e522030e373811a70f096860f8c

                                                                                                                                      SHA1

                                                                                                                                      cf09aba955d508f73721d93495d3720a4a3e50a2

                                                                                                                                      SHA256

                                                                                                                                      97450ae236519ffa2b7adb1ae30337750732b883f30a14b17a1644ec5f4758e3

                                                                                                                                      SHA512

                                                                                                                                      f46302c01e6634321de3bb8632311613544cc91310b1cb20357808df4514bd30761e318b20ea2ef2d199fcc38645e13ccd62e3309f4289f018d964cd1fae5d74

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
                                                                                                                                      Filesize

                                                                                                                                      264KB

                                                                                                                                      MD5

                                                                                                                                      3c210b535ab8fc9ca90b24e8985e8bb9

                                                                                                                                      SHA1

                                                                                                                                      01dbac3efa8f73f1b21e64522b68d7c06aa055dd

                                                                                                                                      SHA256

                                                                                                                                      e726d8f2c784e72e76b10450e8be4708c2d0b71728ebe47438dbe242d4b109b8

                                                                                                                                      SHA512

                                                                                                                                      702a30199c169c9579af39200b6de1d2fe8636363d5d78804a58c5169ea8fe8485e669989002c09de7f576a9292c5cfd4a77991ff04f4f2926992c31f810ce9e

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
                                                                                                                                      Filesize

                                                                                                                                      116KB

                                                                                                                                      MD5

                                                                                                                                      0602895fc87bc43904a448e0e0a2ace5

                                                                                                                                      SHA1

                                                                                                                                      e55335c0bd716604b240404c4b82799ebeb09b07

                                                                                                                                      SHA256

                                                                                                                                      ee0a12fdca556002211ccb2266ee646ef3efce07bd6ff58adb9b5ceffc589fea

                                                                                                                                      SHA512

                                                                                                                                      8a9b813e4e34cb251ef04f093c8e9bd568b00b61ccdab54db09cf272f2946ef5ebedbe6e743d2f00ddcf5eb5d2b64c6a8628016aced8df16097f0d3da7844c8e

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
                                                                                                                                      Filesize

                                                                                                                                      860B

                                                                                                                                      MD5

                                                                                                                                      144fec2d376e0696c2e22875455a9762

                                                                                                                                      SHA1

                                                                                                                                      b2f357ea5a21ddd4aa8db099557ea6eec7b2c072

                                                                                                                                      SHA256

                                                                                                                                      055f20875e90f459d97c72a072f8f943b304c3f7d854abbcf8788a89a3fb78b5

                                                                                                                                      SHA512

                                                                                                                                      3b7e3cfe8db4e76e3f8d7ba46a2f9958c2ef2e5cc23aa830d56d2de4b78e81c8e0ad371adb5d80f5f4d98eac92911ea6dbf76187e5f5bcc70e502e483e7f39f7

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
                                                                                                                                      Filesize

                                                                                                                                      44KB

                                                                                                                                      MD5

                                                                                                                                      86dd4ee7f390633d89a661069209c776

                                                                                                                                      SHA1

                                                                                                                                      1ed941a70ad61f68eb9736b3690a909eab58672b

                                                                                                                                      SHA256

                                                                                                                                      842f9ba4462b1a170c1df6f180e254115953ae1bcf425e55315f428240c35983

                                                                                                                                      SHA512

                                                                                                                                      6beff8df42cf9ad1249fd5cf6cbaae1b8b6626aa79fe90237b74c25eeb78ab54b6e6aefaeb93534f7c8eb64d612aaf6bba3e11bf492a261dff219460e8a6bf8c

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
                                                                                                                                      Filesize

                                                                                                                                      331B

                                                                                                                                      MD5

                                                                                                                                      83a07bc31a3bb7d621db0a52a53aae18

                                                                                                                                      SHA1

                                                                                                                                      598186681543d415c3f8ea8067868314cc274f90

                                                                                                                                      SHA256

                                                                                                                                      b4251935e540d4f8f45a889b28ba23fea3e7cc84284bb6c6dc0773b8e243af0a

                                                                                                                                      SHA512

                                                                                                                                      7ed2c72a3b90a486d00e5baffb9f50c08bfc12e72eb25f94a61824b883e0a3d2978edac6610f0dc0675d744b98af057beada310385af0f7e4642888ad65c9ea2

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                      Filesize

                                                                                                                                      4KB

                                                                                                                                      MD5

                                                                                                                                      1df6a5c7c93dca783d494a79ef749e95

                                                                                                                                      SHA1

                                                                                                                                      72dd8190b8c8cfb47d77f7b23d53096a5ea464f9

                                                                                                                                      SHA256

                                                                                                                                      c673a04953c69d29e73011f3c3235e427eb5f4cd499d9df8665eae7b04affd89

                                                                                                                                      SHA512

                                                                                                                                      a2f9739622b6796ec2afcfeecdc210c14aec51a1d4ad16b29d5986838eca9bea7e94df610130762ef38fd8ea005c47008f58a22e7a7209ce47d1ce77737e918e

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                      Filesize

                                                                                                                                      3KB

                                                                                                                                      MD5

                                                                                                                                      c1711b7afaf15b66ff9033deceb8e9aa

                                                                                                                                      SHA1

                                                                                                                                      311a94e8453ecc4215610de11254d5cf5a7a0c54

                                                                                                                                      SHA256

                                                                                                                                      9b93d1ce0e7dcbfd0e8cbb1d079b72cebcfa3f17f68404b63ca5b1928ac6b18b

                                                                                                                                      SHA512

                                                                                                                                      217f7e921e81480c0f4cc54898d4f861598d58eb5ba2f49a5dea8f7d9c74adf87c00cc72f6ce63126a6b5a83230912a8e8c9de66ac1cc3a706830a448b29f166

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                      Filesize

                                                                                                                                      4KB

                                                                                                                                      MD5

                                                                                                                                      44536bfc7e43d0055492ed9b11fe4416

                                                                                                                                      SHA1

                                                                                                                                      f7e2c20e40cd3f9c9bc1cba1dd7dd31240dd59d0

                                                                                                                                      SHA256

                                                                                                                                      78c04d005df44670406aa1dd2e56d8eaa667ad7ad69f52330891ac0cc1c21a00

                                                                                                                                      SHA512

                                                                                                                                      e3b2995fc996cc181a2426277ea7f1c73306b6f6359e625121c88cdb101650060a32088efde06d5b0fc04fa80fd384d85719b086aebf2a8365a2521903d55ea1

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                      Filesize

                                                                                                                                      4KB

                                                                                                                                      MD5

                                                                                                                                      e186ac2b9d136c7466367d060857426a

                                                                                                                                      SHA1

                                                                                                                                      c512710c91d445adb72760c5bb5864c927174fcf

                                                                                                                                      SHA256

                                                                                                                                      faf367397e36dc06d323baede02050680e12b84d583238e717b2e276fa60ade1

                                                                                                                                      SHA512

                                                                                                                                      602e1e4b826db9f2cae66b2e5fa06d97ee7f20a907844ffa3f341cda3c40fa073572f677f8e959fd3ea3aa21613922aec836d5a5b7d9f202a593e94c9cbfafda

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                      Filesize

                                                                                                                                      5KB

                                                                                                                                      MD5

                                                                                                                                      0253ccd99fb4bd15a2d5fd3e0138044f

                                                                                                                                      SHA1

                                                                                                                                      16c482b0dede03c1b02c33751400516a96c1363d

                                                                                                                                      SHA256

                                                                                                                                      5e321827cabc1b1a8db1b00a8052587358dce8b053ce2704e105ae1d02bc4aa9

                                                                                                                                      SHA512

                                                                                                                                      606244f2513c5837046bd45fb29511d746374345530ead70aed48df4d1ff65fd7334c741d370f498a7d54e57a0c0c41d54c2633aaa4de5df6a6d17ea799ae9b5

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                      Filesize

                                                                                                                                      6KB

                                                                                                                                      MD5

                                                                                                                                      008f17974f8ff06dab76652f8a8b4d0d

                                                                                                                                      SHA1

                                                                                                                                      104e793d625f3b1501ff7e3d32dc31fee9baf7a5

                                                                                                                                      SHA256

                                                                                                                                      3e2ce6ec2de2ac6ec15d6863f9881bab44ffc6f626e1a57ed58466e662eeb0a5

                                                                                                                                      SHA512

                                                                                                                                      4b5eef505661118b5fb76a4060ec3885e60c435e0877c32ef6bd8a6ef8fde3be8759f595bdb61f95fdbe8bbfdb65214db5f2f5128734eade01918ba42d9b56b6

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                      Filesize

                                                                                                                                      6KB

                                                                                                                                      MD5

                                                                                                                                      7aef8d64291d2f1b5e18a8a6c7d2eb64

                                                                                                                                      SHA1

                                                                                                                                      f0e82ccaee54bf29281ff3328f8943bc235cf20a

                                                                                                                                      SHA256

                                                                                                                                      5106310f8220a91e4633407845ddc3adf3afebad5dc767b467d1fa18c7b34253

                                                                                                                                      SHA512

                                                                                                                                      0bfb449872d0e82a6f2e3a5cb28485d9c4e4f251c1a43633eea447daedccc3d6e2fa0426ef9c820177bd84dfe35ef9d2685362ff036a526bbbdf525629b5847e

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                      Filesize

                                                                                                                                      6KB

                                                                                                                                      MD5

                                                                                                                                      89a3bbdc0433377575b7c648b3c2c8f4

                                                                                                                                      SHA1

                                                                                                                                      f7bf6e94e6403cb805909b366c95558961bd0784

                                                                                                                                      SHA256

                                                                                                                                      5c50ea8b23e2fcb5b6eb2cc14ff64d6f122d8a2d198b486edf0ec8e108bf8f22

                                                                                                                                      SHA512

                                                                                                                                      fdcc69509103191a62f52582fd5960fd272dbad37728f0dc6c1b0f8a89047c5715f8bcaf9b3f4576781b41e8c07d99954345d68f1b675acb166f26182f872bb8

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                      Filesize

                                                                                                                                      7KB

                                                                                                                                      MD5

                                                                                                                                      8494874a53c9d988026432db3862cb1b

                                                                                                                                      SHA1

                                                                                                                                      d81aaefc5846ac883f5e3fc1c3f8ec862f750070

                                                                                                                                      SHA256

                                                                                                                                      1ab63d97284c9033babab3d6031fc62606ee12c372e53ef12580c530242471af

                                                                                                                                      SHA512

                                                                                                                                      5a4df4449552f238c73afc9ed6cbd1e1a73ef40b718567051386c1c520164e2af2721c1fa9fd2564b5a6209ab8fb2878e4a52a022e85e2d12ad7c58be00c95d6

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                      Filesize

                                                                                                                                      7KB

                                                                                                                                      MD5

                                                                                                                                      f3aad789b0d67d013c20ff864e3a4207

                                                                                                                                      SHA1

                                                                                                                                      768fc8850dad8e719691af4dca9b4a4b3e515c2c

                                                                                                                                      SHA256

                                                                                                                                      711a7fc7b78e4e354d6782b01f98619036558a90dda0016d4e3f837932785da9

                                                                                                                                      SHA512

                                                                                                                                      368eedb56b19707004ed4d4ebfc2fcedd7d6454be1e00b76d2775a73710c39c57ed00aeec76644cd6cb681b79eeda7598697ffe2f6a2e547ccb73ff4975c23ec

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                      Filesize

                                                                                                                                      7KB

                                                                                                                                      MD5

                                                                                                                                      30d8b8db469b49b224397c2ac5272d6f

                                                                                                                                      SHA1

                                                                                                                                      bdb5da91ed66c6b660ced8bee9045d2bd61c7617

                                                                                                                                      SHA256

                                                                                                                                      343219a66726481d850483ad5304ef240e6447b3763d08a5a1782993033d48b0

                                                                                                                                      SHA512

                                                                                                                                      fc17dd8bbf251c31b9ab087ac58c90dc35c5820a5b17f19dfbdf32b8ef5bf1607e6caad95debd70984593bcdac2ab38bde262474ad4c057065ce5186a294e27e

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                      Filesize

                                                                                                                                      7KB

                                                                                                                                      MD5

                                                                                                                                      37589dd123234e971a281389b19d0b78

                                                                                                                                      SHA1

                                                                                                                                      317300cdc47be48b0a559c0ffe350e6a8bb1dae7

                                                                                                                                      SHA256

                                                                                                                                      8c4acbb44d782b61e00ecb51c7c013019029c4188edeec10439a56b294cab723

                                                                                                                                      SHA512

                                                                                                                                      189d6904b49c27f48eb40ff7eec306dfba81836aa08febe4ea5e0bdfeccf9ea7f8d4a46fdd4494621929dfe8c2b0e99825d8194f90c28eacaeaabfed6732f7f2

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                      Filesize

                                                                                                                                      7KB

                                                                                                                                      MD5

                                                                                                                                      5d3323383816a11d6e9bfd9fad39c630

                                                                                                                                      SHA1

                                                                                                                                      458a925734a146fef46a026d0fd747a3701ed611

                                                                                                                                      SHA256

                                                                                                                                      8b669d0fc07104048f37856d9f03e02c183da338ddb73e348406c9f6c0b2d6c0

                                                                                                                                      SHA512

                                                                                                                                      13ffe749d5eb4de09a720269c5b0a6ba21fae6c1eb0e59ebe274b2ea838eb62e89ed9612643ef76d783fe44d68b374c1a93fecfda368a75bdd39d5b7b1f76139

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                      Filesize

                                                                                                                                      7KB

                                                                                                                                      MD5

                                                                                                                                      2ddaca4a10e8181d43a7b08afe9b7131

                                                                                                                                      SHA1

                                                                                                                                      ce64d0f6f735ec3a88923dfd6bc0352f2eabd9f2

                                                                                                                                      SHA256

                                                                                                                                      e990e2f309b8a9b57e1ab773356f3844a5279d4a6ed0f5a031fc306836994eb0

                                                                                                                                      SHA512

                                                                                                                                      4ed07e8addcc74f2f60358a16b327d240edc4d2e355f4b05a0249cd77e82c791b4c9d18c88bac8b2fc5aabc2d3eeaa85e3b7b20b9a84c0d271733c836b17c037

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                      Filesize

                                                                                                                                      7KB

                                                                                                                                      MD5

                                                                                                                                      ab91375e25df0bf41cef3585da1fe934

                                                                                                                                      SHA1

                                                                                                                                      b6b904dd91b60d329c11d759d03f7e5bc0a0b698

                                                                                                                                      SHA256

                                                                                                                                      95ea8351fff6c0521f65d9da35ad566fd40408a17705bd5e4a8dd7177adc661c

                                                                                                                                      SHA512

                                                                                                                                      6a78c83f40bdc9d38e26a8afeead7289accf6c108366352c279a6c3452b9ae476945889401f1a3384f7e2e768bbfcf2ffc12157a1e71f17f2088aa119b829e11

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                      Filesize

                                                                                                                                      7KB

                                                                                                                                      MD5

                                                                                                                                      dba42c4e0295b22eb29db3213d02074c

                                                                                                                                      SHA1

                                                                                                                                      d4b364c44d4cbcc1ab9cded2c77f67d629bc84ac

                                                                                                                                      SHA256

                                                                                                                                      06bddc95cd798bdfad64caf31a85ba2822776a7a3ee5ebbedf76802d13fec30b

                                                                                                                                      SHA512

                                                                                                                                      4123a2e6f548c2c8e98c998c97600d8e4b9fde2d2f233e8ec46fa48a515d34621c3c1393c56ea1433f16972d4db7b054aae7476b227853cd34ff0e9461d0bbc9

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                      Filesize

                                                                                                                                      7KB

                                                                                                                                      MD5

                                                                                                                                      304ee602ecf6cf150bc2d6e11977fd86

                                                                                                                                      SHA1

                                                                                                                                      65986a92dcd18f0ac9af57f40dd963d5b6bc5ffd

                                                                                                                                      SHA256

                                                                                                                                      696ec5e1e03fc3435fa370883342db6c9cd3caa586d3c4b79e33a87b43ef7fda

                                                                                                                                      SHA512

                                                                                                                                      827a6a5907a543acd6191eea759dd96dfd91d2c02299aac805b641bedd96c801b5a972d0737d3fc1c355a6e9b9d478f0d810a11b24fa028636e72c3750e2dcf4

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Reporting and NEL
                                                                                                                                      Filesize

                                                                                                                                      36KB

                                                                                                                                      MD5

                                                                                                                                      d3e8812ac661847abe5f34d79948f576

                                                                                                                                      SHA1

                                                                                                                                      528dc3d4e126787ebe4bf1b307cb5ca7efcf60b0

                                                                                                                                      SHA256

                                                                                                                                      6b8c8135b07f9ec7c940f6a3dd905e370f87e7446e68dac6ebdbaa9ab56910d7

                                                                                                                                      SHA512

                                                                                                                                      ef64545788610349ba773632c75450c2b55e8b85e74445802f4394c6568623b530a7df53f0f33448524acdfab99077e0861e29ab288b74573c9f3505ad180792

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Reporting and NEL-journal
                                                                                                                                      Filesize

                                                                                                                                      28KB

                                                                                                                                      MD5

                                                                                                                                      25c958812569b6ea41e7f11bf25515d4

                                                                                                                                      SHA1

                                                                                                                                      315b2cdbb80fc9b158c1f7399070c33dc85e7d56

                                                                                                                                      SHA256

                                                                                                                                      2bf97a2e8118a8a0c7285bf229882558d134254f752099356e648ff43c1ae060

                                                                                                                                      SHA512

                                                                                                                                      28f60b546b97e3f7cef228e86e4ed4ffd7cf3df23aa2efc7b643ce0c22c48bd134653484dab3eb7a8911863c7542708fe996c6aee70de8c3be8b3f7cb83b4b65

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
                                                                                                                                      Filesize

                                                                                                                                      578B

                                                                                                                                      MD5

                                                                                                                                      4fa387e79fe2ceb25f80f5cd50b2b9fc

                                                                                                                                      SHA1

                                                                                                                                      f52f9a5023ce37918e09a3e6af24c084a8c48fd2

                                                                                                                                      SHA256

                                                                                                                                      8a0f65cef7ed38d60f0f233bf17410c7b52263c7f0c9696c2db6f532bf515d8d

                                                                                                                                      SHA512

                                                                                                                                      34bd7e5542bf5f91a005092931d96102ebd8ffab1ebce3857908d634af32e4c1e937a0d818f3b5b78e175ecc127e92cb83565718a40e923ebb3969c58e9606d3

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
                                                                                                                                      Filesize

                                                                                                                                      319B

                                                                                                                                      MD5

                                                                                                                                      0877ad069ac2053c1c02d03344997007

                                                                                                                                      SHA1

                                                                                                                                      beaf2965e8941aeaa27eeb3af567721b3509e1ad

                                                                                                                                      SHA256

                                                                                                                                      b8a627e7971d4ecab5527fbbef8c23b1ca61e4b44953a597a224d8083c730255

                                                                                                                                      SHA512

                                                                                                                                      f504e876a78d10614e4cb1b0fe6afb798a3f1b424755b74d55d0ccb56db47e5c97e410203c0f141f62572b05892e8268e034f2cfb5d50c4cb9b1cf961166cc46

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13377470632177217
                                                                                                                                      Filesize

                                                                                                                                      7KB

                                                                                                                                      MD5

                                                                                                                                      717c74e01700609d7e78c63f2167aa5c

                                                                                                                                      SHA1

                                                                                                                                      437e0712e367bc62a709259de5cbd08190f31a6a

                                                                                                                                      SHA256

                                                                                                                                      92c1ecc189497203a3072c50bbe2a8a732348674fd72bf311187d43e2adf8ef9

                                                                                                                                      SHA512

                                                                                                                                      dd7827f8cc4988360df7c4238345148132a01a72ef3e1b1de544f50f18d296e77a9f68a5546605a21e2a946fbbd3b39071348949779e529772d6848f79b735d6

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13377470632401217
                                                                                                                                      Filesize

                                                                                                                                      5KB

                                                                                                                                      MD5

                                                                                                                                      e2f18dc957383a483a5fbb397ac1ac25

                                                                                                                                      SHA1

                                                                                                                                      ae2012cdf6065528bf479d073cefe63982fc3959

                                                                                                                                      SHA256

                                                                                                                                      da1224aadbc85d07836285fe845f46375aff0a8625b07621e586eb8379620bf7

                                                                                                                                      SHA512

                                                                                                                                      cdb5322b1ec9b4b59e7144892fdf1f6668b1690b2225b24dfa8fb416c136bcd47d4a03501c9b4569706c9cc280b16f06ed37fc3675833ba39a781df45d3414a9

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
                                                                                                                                      Filesize

                                                                                                                                      112B

                                                                                                                                      MD5

                                                                                                                                      ece674befedf2033d54265f4514961d0

                                                                                                                                      SHA1

                                                                                                                                      f809dedbced42ae555175f478ddb19ebfa16b19b

                                                                                                                                      SHA256

                                                                                                                                      464a69fa69fd185c5f6159a3f06c5195a7b13988d6c3272ddb994b891123ae9f

                                                                                                                                      SHA512

                                                                                                                                      035603e837133a44a9008deed203ca5ca9fb2cdac8c4f27fd729f59287ef107a04dafa462bf01fc018a21d1d70357c69ce0f5b9cf1fa736e48c604dd6755f450

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
                                                                                                                                      Filesize

                                                                                                                                      347B

                                                                                                                                      MD5

                                                                                                                                      284587436a6dd8f1b618ba4e7b089b6d

                                                                                                                                      SHA1

                                                                                                                                      4c169778b19bc081f214e0f9d2886711ce54be77

                                                                                                                                      SHA256

                                                                                                                                      a1cd19d84eeb8c97441bb55dbdbb1787a64fdf3386f8a60d36c720fa1d590c64

                                                                                                                                      SHA512

                                                                                                                                      f47834977c2f5bb53f44ac1243fe5e1a23f02f916dd49fb3d34e57231713cc347f307a80d894ffbf4d6c817716b380757ef95c6594ba53ae1dfcc3174a008e09

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
                                                                                                                                      Filesize

                                                                                                                                      326B

                                                                                                                                      MD5

                                                                                                                                      d0c2d24bcc113fc88da2ecda5faac524

                                                                                                                                      SHA1

                                                                                                                                      e59406ebbc222018619d18d5da167a293e163a78

                                                                                                                                      SHA256

                                                                                                                                      a970c91e8f3ec68a3295c767739a38f7b930799f322ee15326d6411ed4b99414

                                                                                                                                      SHA512

                                                                                                                                      cb20bd109fc88f023a021697cf8cfe7c7f2e4826ec2f86dab3c58866f0fb18be794cb07508b5375696c3445afd6a444385cf7aa0dab1148d308d9ee3e41df3a1

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                      Filesize

                                                                                                                                      872B

                                                                                                                                      MD5

                                                                                                                                      4edbc5960662000e8db03544fa3ca5cc

                                                                                                                                      SHA1

                                                                                                                                      7e1932bc96e55707d8e43a15976abb13b09be700

                                                                                                                                      SHA256

                                                                                                                                      4bd55c72dfd485fecb919f370647721fac8dedb17c163240a7cc9e2d03255612

                                                                                                                                      SHA512

                                                                                                                                      fd635fe4c08a04ae2b594e13e7d6428c301c55bbe5fc9f3cc4b2fc14fb4a0a575cfdbd8a6762c4c36c15c533512c366879261d4491745c07963df2f7ddbef4a9

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                      Filesize

                                                                                                                                      1KB

                                                                                                                                      MD5

                                                                                                                                      6f131bc5f855bdf9c968eca804b80ebc

                                                                                                                                      SHA1

                                                                                                                                      0e6410dd82a2068a61789b4e66e8495e7b7e1b89

                                                                                                                                      SHA256

                                                                                                                                      b88fa35c137c8ef70476561b4ba761f11ef65a83da22acbea5721970975f1992

                                                                                                                                      SHA512

                                                                                                                                      0a1f47afed68e8fa48679341e8cc8a25000fe10a45d14b013fddbb7b2325e15351e2f74d8f7a9da255856732fc70ee1f7143145282d4704860469598b06e16c4

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                      Filesize

                                                                                                                                      1KB

                                                                                                                                      MD5

                                                                                                                                      5108a39883050152c5aff152ef74ac88

                                                                                                                                      SHA1

                                                                                                                                      68484e4fbad463e1bef55f69ae0f0d60834ce748

                                                                                                                                      SHA256

                                                                                                                                      5ac29143bfb5f00b69ac978b5552fcb5a5bfaab24a182519c8a08a9da30c4ee9

                                                                                                                                      SHA512

                                                                                                                                      474272c1fcdd29c319bed23a9e0aa414de76a8405e4d6afcb254afce4c4c08f9f780441040953c9061e0e7f1aa4c714a9a3f0fdb53513e286781103a44807a2d

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
                                                                                                                                      Filesize

                                                                                                                                      128KB

                                                                                                                                      MD5

                                                                                                                                      9569fad7eaf3f6a4debf19d79c74631c

                                                                                                                                      SHA1

                                                                                                                                      25e20197a0cd1f09ae70a9f3cd8b3f9a5c4db17d

                                                                                                                                      SHA256

                                                                                                                                      210d70cce7ee3f2c0b37497d7a15401602381b5d54f9aa4fa1800321d77f3245

                                                                                                                                      SHA512

                                                                                                                                      217febc47034919b375a243ef1e09ee7b8cd8e6a4f7e6ba9479bb9cc3e1d0c4e30359f39f6c1a292c021c79a68bf832b8f35603c07ad3f7655c3e5025c021ef6

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                      Filesize

                                                                                                                                      16B

                                                                                                                                      MD5

                                                                                                                                      46295cac801e5d4857d09837238a6394

                                                                                                                                      SHA1

                                                                                                                                      44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                                      SHA256

                                                                                                                                      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                                      SHA512

                                                                                                                                      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                      Filesize

                                                                                                                                      16B

                                                                                                                                      MD5

                                                                                                                                      6752a1d65b201c13b62ea44016eb221f

                                                                                                                                      SHA1

                                                                                                                                      58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                                      SHA256

                                                                                                                                      0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                                      SHA512

                                                                                                                                      9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                      Filesize

                                                                                                                                      16B

                                                                                                                                      MD5

                                                                                                                                      aefd77f47fb84fae5ea194496b44c67a

                                                                                                                                      SHA1

                                                                                                                                      dcfbb6a5b8d05662c4858664f81693bb7f803b82

                                                                                                                                      SHA256

                                                                                                                                      4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

                                                                                                                                      SHA512

                                                                                                                                      b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                      Filesize

                                                                                                                                      16B

                                                                                                                                      MD5

                                                                                                                                      206702161f94c5cd39fadd03f4014d98

                                                                                                                                      SHA1

                                                                                                                                      bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                                                                                                                      SHA256

                                                                                                                                      1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                                                                                                                      SHA512

                                                                                                                                      0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\e995d44e-66cc-46a9-9656-89e82a25aefa.tmp
                                                                                                                                      Filesize

                                                                                                                                      1B

                                                                                                                                      MD5

                                                                                                                                      5058f1af8388633f609cadb75a75dc9d

                                                                                                                                      SHA1

                                                                                                                                      3a52ce780950d4d969792a2559cd519d7ee8c727

                                                                                                                                      SHA256

                                                                                                                                      cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

                                                                                                                                      SHA512

                                                                                                                                      0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
                                                                                                                                      Filesize

                                                                                                                                      44KB

                                                                                                                                      MD5

                                                                                                                                      5b5d9b4eef180cd5fc14bd3d8b46a534

                                                                                                                                      SHA1

                                                                                                                                      8ea854ce157cd8ed41e3e4656e0890a31e843588

                                                                                                                                      SHA256

                                                                                                                                      a187a9dd0598bf70de3a8699bea33b74a9b737d41633a7f30d940fbb47227e0d

                                                                                                                                      SHA512

                                                                                                                                      5cd9c65157b98a7e99f9182b3a27c2118d97688ca020b69d1551061716f29c5b6291a7109cf5ca6e768bea76bcc1673a5ccffde63cbca82dba5b4c91a1484cd8

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
                                                                                                                                      Filesize

                                                                                                                                      5KB

                                                                                                                                      MD5

                                                                                                                                      6d825aea308c76ed086bf2bc0322a27e

                                                                                                                                      SHA1

                                                                                                                                      caf66ad94726918d85484dfcd8c8b7513e3774d0

                                                                                                                                      SHA256

                                                                                                                                      e2fb9b21e32113cbeca18d3ba1deb7cacae0259e7e543729c192e3b1ed849085

                                                                                                                                      SHA512

                                                                                                                                      c21e1422d2ddd4be27043758fc9fd295a4a316b467a259c9d1693233de71b3cc239200f75f8f304d3cc7b37e3c24d533986b1c02d7197f79ca1c41b4944b7c77

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
                                                                                                                                      Filesize

                                                                                                                                      322B

                                                                                                                                      MD5

                                                                                                                                      aa87055537d04c0ab891cee8a3032f84

                                                                                                                                      SHA1

                                                                                                                                      37fa6913a612bb0f6a44663923a7eaa4e6148b23

                                                                                                                                      SHA256

                                                                                                                                      f6a4abf30cf3082114871a2e5b65345be22a59683b8e582c8e86cd98788b4c2a

                                                                                                                                      SHA512

                                                                                                                                      80856c092405548cd1a1ef95070235b949cb8ac4f7cbe08b1e7c6c2e1f00ac2c6f20281e83c8b6583dc2bd1caea6359e74b5aa660e64d88d506382c9b77afa02

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
                                                                                                                                      Filesize

                                                                                                                                      318B

                                                                                                                                      MD5

                                                                                                                                      7457aa2c637bce71a0b9f7aca01bca3b

                                                                                                                                      SHA1

                                                                                                                                      c7781f2660ce0bb37a35959a5b09acb66769a7df

                                                                                                                                      SHA256

                                                                                                                                      902211555c0e1d35db605bd8e7c9c0404c21c3f532f783e94ecbba305072e56c

                                                                                                                                      SHA512

                                                                                                                                      49046750fba9691c951eea90d5695df287d24a28139897cd1a7ecf6a61682cba6d207cc386a0160cbd5c315c5874efca2eaae77bc81d2840fc5e5973a9bdb301

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
                                                                                                                                      Filesize

                                                                                                                                      340B

                                                                                                                                      MD5

                                                                                                                                      a395cf016103b0ffa271e147e14e6709

                                                                                                                                      SHA1

                                                                                                                                      92d7bbc6e6d172f03d7d1555e4892e365e51a97b

                                                                                                                                      SHA256

                                                                                                                                      98859b5dd1406ab51454cbe8dfa75763ea67426c10216c084764338a92a2b8eb

                                                                                                                                      SHA512

                                                                                                                                      3f7f883faee895ed0df33abec0a41f0b139d3b66315411dc03a6bf17dc6ba7d7313b259294d6a5f38588105b5e8806aeddd6cd02395c47041219106b92cfd6dd

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
                                                                                                                                      Filesize

                                                                                                                                      44KB

                                                                                                                                      MD5

                                                                                                                                      f0b14fc027d2a4062025b9937b1c22a7

                                                                                                                                      SHA1

                                                                                                                                      f61da2394e786f83799183b7f0c89a72299f7997

                                                                                                                                      SHA256

                                                                                                                                      ddddd62214654bdd33e71ff7fa272cd886995385ab6051fb585dc191c2315642

                                                                                                                                      SHA512

                                                                                                                                      3f76782951ec90ff8679d920c4121c44b9ea3b618886a6b0a6d90852f8ac718e00003d36516ca49198390282f149c1470e591596c33a2406b86d297b2dcf3830

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
                                                                                                                                      Filesize

                                                                                                                                      264KB

                                                                                                                                      MD5

                                                                                                                                      06ac7f1b02f9d020908ac48b5f07e5c0

                                                                                                                                      SHA1

                                                                                                                                      6084bbcd43d3aecdf705f5e5d113ee513a4d9dd1

                                                                                                                                      SHA256

                                                                                                                                      25e6d2007ad9f00abfc0c405e065aea1579d63745e65dd7f9f6b988c1443382f

                                                                                                                                      SHA512

                                                                                                                                      77843c34e866029ff6ab378e5f6874fa59584e68a13623eb47ea8b75b4ea52a807e13caab5a0369e54bc3b877aad275993a647fee2d878ec625f5bca872136f4

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
                                                                                                                                      Filesize

                                                                                                                                      4.0MB

                                                                                                                                      MD5

                                                                                                                                      05a293708b98e46a4e4a3091293bd4d4

                                                                                                                                      SHA1

                                                                                                                                      e26a0470134b8dff6203fd524c99aa592796db9b

                                                                                                                                      SHA256

                                                                                                                                      20e7510eba036b777302ca9391ea5a09d749be12e1481d077d8fd7a7a113db62

                                                                                                                                      SHA512

                                                                                                                                      9e5e7e4276182c6e7cb421c65601b4c0dfca3d49b126caea761a87ddc02b57f74cfaa0186bdeec1bfdfd77cd99d3cfadcc5076b57815ed504f40ea3f3e0fa94e

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001
                                                                                                                                      Filesize

                                                                                                                                      20KB

                                                                                                                                      MD5

                                                                                                                                      7e86d5c1bf2ff36b15bfbd8fcf748b16

                                                                                                                                      SHA1

                                                                                                                                      59a1515ddff8caec85c4f27ffb17b69a42ec6226

                                                                                                                                      SHA256

                                                                                                                                      82f03e141e82546b261c1a24cd9ae3cfd4b19a7b4f343a296428deeda88cf856

                                                                                                                                      SHA512

                                                                                                                                      943fdf966d2ca4bfb35e01431e7bae1611e86d4bbf9c27524ba4502a9a93b8c0bb39e7760a8ee76993c4099da1ff49febe0b48468f134d4121f22a0ffb41bf2f

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002
                                                                                                                                      Filesize

                                                                                                                                      20KB

                                                                                                                                      MD5

                                                                                                                                      2a029687e73114ebcb4fad10c0114e8a

                                                                                                                                      SHA1

                                                                                                                                      f09cbbed46b9f8c731568bdcee13024e89bda397

                                                                                                                                      SHA256

                                                                                                                                      fe6e92a5b020858bbdd8089533c6f22703bc5927e22f689c384164096705b11b

                                                                                                                                      SHA512

                                                                                                                                      211dc45e2bb5739bcf863c44ca8132f92e895b3c95d074929aa4338698d53c6ccb3a8e2f23180260d9226073f4f5cd21a200010a7a224de7c8ac2e1cc853730d

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000003
                                                                                                                                      Filesize

                                                                                                                                      17KB

                                                                                                                                      MD5

                                                                                                                                      ca765b8e7dba1f1d87e3759809ba37d2

                                                                                                                                      SHA1

                                                                                                                                      9b72c329e11bbbe5d3b32ce94fde87e94ff0bcd1

                                                                                                                                      SHA256

                                                                                                                                      aa9be59895aa68a436dcbf217cb626eddf9b2d0fb11e31c7943f846bc1df6c76

                                                                                                                                      SHA512

                                                                                                                                      c14ce917fd59a600e57454b61c419dddfe3d0b7adb43cb07f9cb7b1c2b5f59a0cd1596006874b9bb53c2f092cbcf332e3ef0bda9b6c2616c9bfac80b8f0c7a32

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000004
                                                                                                                                      Filesize

                                                                                                                                      17KB

                                                                                                                                      MD5

                                                                                                                                      01c531b6bbd06a2f0b438670f84804de

                                                                                                                                      SHA1

                                                                                                                                      a5095fbdd8112d83cff24536d6c769ba85300587

                                                                                                                                      SHA256

                                                                                                                                      28c2640e996c514e89ed0638447c3f58bd7a829290bf16d27d7960d2c1121efd

                                                                                                                                      SHA512

                                                                                                                                      61656b632ab006e389d8493ac008d3c670fb2f3a21cea44975c12a62f265f1c0de2ab4f516b302e298bba13dc9c5fc9841adb66f154c335416ce9b0cef89e118

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
                                                                                                                                      Filesize

                                                                                                                                      11B

                                                                                                                                      MD5

                                                                                                                                      b29bcf9cd0e55f93000b4bb265a9810b

                                                                                                                                      SHA1

                                                                                                                                      e662b8c98bd5eced29495dbe2a8f1930e3f714b8

                                                                                                                                      SHA256

                                                                                                                                      f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4

                                                                                                                                      SHA512

                                                                                                                                      e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                      Filesize

                                                                                                                                      11KB

                                                                                                                                      MD5

                                                                                                                                      9dbced0364d79616b34ef6881b64d15c

                                                                                                                                      SHA1

                                                                                                                                      95df1772486fbcdd53d53190d19338922ec35070

                                                                                                                                      SHA256

                                                                                                                                      573cc23298096361502dc9f90df804100275d87e82f4f8772519b07b1b7b30ba

                                                                                                                                      SHA512

                                                                                                                                      41646e33589e00c1fd043d2891eeab3c91cf01fce765d5b70c5329360cebed7bcfeaaeca3548023a524f0084343974bf17952f7edf0e3764579ee6f5b3d1a64f

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                      Filesize

                                                                                                                                      10KB

                                                                                                                                      MD5

                                                                                                                                      0a906866155a8178df92780ba899ad59

                                                                                                                                      SHA1

                                                                                                                                      866c852d37c9e1947b6e2f1a2f37d7dcbac79d71

                                                                                                                                      SHA256

                                                                                                                                      7c7f6453cad7be2b6cc850887ff7229e5dcd92893ecb8b85e6cbc405851adf4a

                                                                                                                                      SHA512

                                                                                                                                      bfe664728155113b81bd64ea8b7fd4a164b0d1453f0230633d891671c8bfd4009cf712b4ecae7e6802062f1ddfeeb626b9de98ac47dd32a2ac8a4d3f16db6353

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                      Filesize

                                                                                                                                      10KB

                                                                                                                                      MD5

                                                                                                                                      aad5d0bde1fa3e8c72832848126e23ba

                                                                                                                                      SHA1

                                                                                                                                      9ce8c9f0a36c7baac73ac8d5efef4b18851d986c

                                                                                                                                      SHA256

                                                                                                                                      f749f804e536950081962cb29feedabd1a1a680c11d95fb69d4e34659e9afad5

                                                                                                                                      SHA512

                                                                                                                                      1eb9697be19ecbb3e3defe654473e7959284dbd182950724eadb167234ed9d9468e060c82ada8418b3e162d773e352b92a4223ab1f2b4899cc441fdfdc58ac20

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                      Filesize

                                                                                                                                      11KB

                                                                                                                                      MD5

                                                                                                                                      1624d3506a4a0099407d2e4816f0dc83

                                                                                                                                      SHA1

                                                                                                                                      75add8ef8a63e9d43af56b9a9cc41e3951011363

                                                                                                                                      SHA256

                                                                                                                                      8524af9747e1045bff288921ccb64f0df7c883feb74c9214af3c9bdd7196f9b4

                                                                                                                                      SHA512

                                                                                                                                      629719d62d6011d298004ee1adfdb1307f17f66ae4ad613b8914a1715e3630b83d82cbddab984c8ab8a9aa39ae1ac21ff0f71a47a4cfcaa0b252ff15fdc518d5

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                      Filesize

                                                                                                                                      11KB

                                                                                                                                      MD5

                                                                                                                                      992b5db47f086f91e4449707bf0a0136

                                                                                                                                      SHA1

                                                                                                                                      704c1e8257df812fa1c274ff3e3a717218ac556e

                                                                                                                                      SHA256

                                                                                                                                      4c98ef3854b7823d0a6a00779dc7339d33898d762605a2d3a6068394f34e3e24

                                                                                                                                      SHA512

                                                                                                                                      7406a2246eea203f855ce17dc512160538ff843f3dc01e95106b16d1fc1e5bb8cfe1c6d227727a6b930cd14622832cf0f74c5593110a90777e0323403aaefbee

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
                                                                                                                                      Filesize

                                                                                                                                      264KB

                                                                                                                                      MD5

                                                                                                                                      f50f89a0a91564d0b8a211f8921aa7de

                                                                                                                                      SHA1

                                                                                                                                      112403a17dd69d5b9018b8cede023cb3b54eab7d

                                                                                                                                      SHA256

                                                                                                                                      b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                                                                                                                                      SHA512

                                                                                                                                      bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\BackgroundTransferApi\9f30c3e2-9823-4d1e-b31c-cb9479e3f5ee.down_data
                                                                                                                                      Filesize

                                                                                                                                      555KB

                                                                                                                                      MD5

                                                                                                                                      5683c0028832cae4ef93ca39c8ac5029

                                                                                                                                      SHA1

                                                                                                                                      248755e4e1db552e0b6f8651b04ca6d1b31a86fb

                                                                                                                                      SHA256

                                                                                                                                      855abd360d8a8d6974eba92b70cbd09ce519bc8773439993f9ab37cb6847309e

                                                                                                                                      SHA512

                                                                                                                                      aba434bd29be191c823b02ea9b639beb10647bbe7759bbffdaa790dfb1ec2c58d74c525ef11aacda209e4effe322d1d3a07b115446c8914b07a3bce4d8a0e2c3

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
                                                                                                                                      Filesize

                                                                                                                                      10KB

                                                                                                                                      MD5

                                                                                                                                      711f1a880c08e1f7867f1bdd117320b7

                                                                                                                                      SHA1

                                                                                                                                      50c2d0859f6fd41024d486e2ab537507b975991d

                                                                                                                                      SHA256

                                                                                                                                      f868e98aa21c341e365d73e301d87c006b557033d8d7b2808fed207734fe5143

                                                                                                                                      SHA512

                                                                                                                                      885c2abd9047727b33ea760836cbbe4eaf5fddc08375a8b37840c99332131f0f7164f87c0abeb4523f42262349ab12a1c22c12813a9d81d6955c7d20b41a9a0a

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\7z89951630\AutoHotkey.chm
                                                                                                                                      Filesize

                                                                                                                                      1.9MB

                                                                                                                                      MD5

                                                                                                                                      17d5e275dbc8278d888f7da1d681d7e3

                                                                                                                                      SHA1

                                                                                                                                      245cd35e6caa42fdd3936d2122c7464c877d6591

                                                                                                                                      SHA256

                                                                                                                                      de37a93068ca25701b3413eab0f01fa1646d2dab0346d78494192e95d94ad521

                                                                                                                                      SHA512

                                                                                                                                      041420c5fcba5d2fa5e2d549319948eb77b416cb32ce848218b2681f3bdb5a7ab50d795cfdabd068330f6a4f16812ae91564d654a958b0f0bb188d11890c4ad2

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\7z89951630\AutoHotkeyA32.exe
                                                                                                                                      Filesize

                                                                                                                                      775KB

                                                                                                                                      MD5

                                                                                                                                      fd94b77958305a1ac3eeac27ee765256

                                                                                                                                      SHA1

                                                                                                                                      bdf7f5633cd529186c7c9c87c120a58c35515d2e

                                                                                                                                      SHA256

                                                                                                                                      6a98b438b67da7316e9251eb1a92cd5384a8349d239a77903f7282fa076a77c3

                                                                                                                                      SHA512

                                                                                                                                      1e97ddbe9374513ec9a1f51313efb3621f81a309bf78982688b4c19aa389f0b422a604d8adcd84dc1ba28f44135d30edde06e32705fe02762e92cf2bbc725a91

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\7z89951630\AutoHotkeyU32.exe
                                                                                                                                      Filesize

                                                                                                                                      893KB

                                                                                                                                      MD5

                                                                                                                                      b6af97aa32c636c3c4e87bb768a3ceb7

                                                                                                                                      SHA1

                                                                                                                                      83054af67df43ae70c7f8ac6e8a499d9c9dd82ec

                                                                                                                                      SHA256

                                                                                                                                      ba35b8b4346b79b8bb4f97360025cb6befaf501b03149a3b5fef8f07bdf265c7

                                                                                                                                      SHA512

                                                                                                                                      54d2e806503f8a4145ee1519fc5e93cef6bf352cf20042569466f6c402b0a402bce99066decd7729c415cd57da7a9923a1b65926b242672731fe2f9709cf6920

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\7z89951630\AutoHotkeyU64.exe
                                                                                                                                      Filesize

                                                                                                                                      1.3MB

                                                                                                                                      MD5

                                                                                                                                      2d0600fe2b1b3bdc45d833ca32a37fdb

                                                                                                                                      SHA1

                                                                                                                                      e9a7411bfef54050de3b485833556f84cabd6e41

                                                                                                                                      SHA256

                                                                                                                                      effdea83c6b7a1dc2ce9e9d40e91dfd59bed9fcbd580903423648b7ca97d9696

                                                                                                                                      SHA512

                                                                                                                                      9891cd6d2140c3a5c20d5c2d6600f3655df437b99b09ae0f9daf1983190dc73385cc87f02508997bb696ac921eee43fccdf1dc210cc602938807bdb062ce1703

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\7z89951630\Compiler\ANSI 32-bit.bin
                                                                                                                                      Filesize

                                                                                                                                      704KB

                                                                                                                                      MD5

                                                                                                                                      31ed560d3edc5f1eea515c4358b90406

                                                                                                                                      SHA1

                                                                                                                                      36efc45f806ee021ef972dc80932f13f532d9ccd

                                                                                                                                      SHA256

                                                                                                                                      f5a5c05bf0fedcc451ade5676a5647e828a6f08cf6c21970e6c035f4311b5a3c

                                                                                                                                      SHA512

                                                                                                                                      cb410bad3297493b68e51677b920a808393a30096eefd1cb2c7cf07c8432c78658e803099841be8167eff3f42475b765992da7c11a31e39108ba49010b07ba6f

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\7z89951630\Compiler\Ahk2Exe.exe
                                                                                                                                      Filesize

                                                                                                                                      972KB

                                                                                                                                      MD5

                                                                                                                                      78515b1091f74c0f828aed92d3c972b0

                                                                                                                                      SHA1

                                                                                                                                      0103e030518db102631310ce4e2eb7673d7a1994

                                                                                                                                      SHA256

                                                                                                                                      754a28ed76a7b4eba7909b146cfc4c4c2aa43aff54e10a5cd6dbc939c0732b6a

                                                                                                                                      SHA512

                                                                                                                                      8edcfe6a59d56d69f0fb7672410fcb24fa0722a5d651f076a3b76a424140e162a213fb038c995ae9c2024929c88aa1fbd979694a485163c2d3f8ca3be75502a2

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\7z89951630\Compiler\Unicode 32-bit.bin
                                                                                                                                      Filesize

                                                                                                                                      822KB

                                                                                                                                      MD5

                                                                                                                                      db213c2dc5d0f542a1e925f09c021e05

                                                                                                                                      SHA1

                                                                                                                                      41bebccc1dd9c44c4407892daa3d3fe44c2216d7

                                                                                                                                      SHA256

                                                                                                                                      2d193510b56fbdb8530f8ded2f1c9fb982df971dca5fad1f24f558be16a4f804

                                                                                                                                      SHA512

                                                                                                                                      dd0977a599359f577c5a52d0f86092a12488f291613a0d4812fca64e0553c4d61501d5213e7afd1a62c62da8470e4453f8d1ea2bbea0be74ab223bd4b47e97cc

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\7z89951630\Compiler\Unicode 64-bit.bin
                                                                                                                                      Filesize

                                                                                                                                      1.2MB

                                                                                                                                      MD5

                                                                                                                                      30da2df436169d6f09732e61d8849a05

                                                                                                                                      SHA1

                                                                                                                                      25694362dfa391caf55733772ca61a95978d507c

                                                                                                                                      SHA256

                                                                                                                                      6e7c9ae1daabdb958a4d9c8e7297ba956c9504b5f76ce61fc31281f5bb0b0b55

                                                                                                                                      SHA512

                                                                                                                                      134b616b01a18f9451cbfd947d6dfcba21a31615a5cb513a29c6e5f77d8bb2776e868a215f7f533b1bac6a82536cd8838db7b1f69025735cbacf94afce158066

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\7z89951630\Installer.ahk
                                                                                                                                      Filesize

                                                                                                                                      65KB

                                                                                                                                      MD5

                                                                                                                                      015d8f0a9ba93e41f418b8db8bef6a10

                                                                                                                                      SHA1

                                                                                                                                      06d35e419dc82f91d123f129b88ff46511d1cf2b

                                                                                                                                      SHA256

                                                                                                                                      ef88ba74aef53793937ddfaaca4908772fbaf2e7c9bfb5fdeb3c0a6b95755cd0

                                                                                                                                      SHA512

                                                                                                                                      cd034768b35fdb96251563cb87cddbfa63c55bfb798aa8ec6fdd9faa6b0155d6b42bc30ace6fe9034aac45ba3abc434613df2cb0e07a4b1b0bf0ed8ebb2e71d7

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\7z89951630\Template.ahk
                                                                                                                                      Filesize

                                                                                                                                      324B

                                                                                                                                      MD5

                                                                                                                                      a85eeb1dc6f9a33897c407b4240dc20f

                                                                                                                                      SHA1

                                                                                                                                      be409c1ba630f2f11ab31e5f42c8a90ab49e8d8c

                                                                                                                                      SHA256

                                                                                                                                      23e5115a25e2d539057443b0f0e9740b9ae85d7de0da204f1d739c9b2e206058

                                                                                                                                      SHA512

                                                                                                                                      9ecaf71105745739d79207313bc837ecb9fe63cd1cb66e75808e615dc58f5d931f9744fbb04c74085a8cb03142ce43611af7763e8b21e4821a32a58b0d64f77a

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\7z89951630\WindowSpy.ahk
                                                                                                                                      Filesize

                                                                                                                                      5KB

                                                                                                                                      MD5

                                                                                                                                      32020e55548b1e9e7ce22899617d5cd2

                                                                                                                                      SHA1

                                                                                                                                      6aaeb5009dfae698449449e560feda2257187fd0

                                                                                                                                      SHA256

                                                                                                                                      4688629be394986c8dbe6517032429e6e8cdd9f5801ddb1ac1f53e6fe86eee7b

                                                                                                                                      SHA512

                                                                                                                                      12b5ec622a7f5d3b07d7db821002e4d7886095be0274509d721040812bcf01348daa6a6c9db485d6ac6b58f9684443db0a31963433a33cd3e8a3c7c2e3119475

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\7z89951630\license.txt
                                                                                                                                      Filesize

                                                                                                                                      17KB

                                                                                                                                      MD5

                                                                                                                                      e3f2ad7733f3166fe770e4dc00af6c45

                                                                                                                                      SHA1

                                                                                                                                      3d436ffdd69f7187b85e0cf8f075bd6154123623

                                                                                                                                      SHA256

                                                                                                                                      b27c1a7c92686e47f8740850ad24877a50be23fd3dbd44edee50ac1223135e38

                                                                                                                                      SHA512

                                                                                                                                      ed97318d7c5beb425cb70b3557a16729b316180492f6f2177b68f512ba029d5c762ad1085dd56fabe022b5008f33e9ba564d72f8381d05b2e7f0fa5ec1aecdf3

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\7z8AA303F8\setup.exe
                                                                                                                                      Filesize

                                                                                                                                      872KB

                                                                                                                                      MD5

                                                                                                                                      b98ee9e00b5546763f9c6e65e436f6e6

                                                                                                                                      SHA1

                                                                                                                                      a28e2b0ba6cc748d166b2eb6d0c8acb0bd3b9f3b

                                                                                                                                      SHA256

                                                                                                                                      6d876c526b5cbc5dc5341c1011b1c91639597f46677a1d42426f4a52dfea6756

                                                                                                                                      SHA512

                                                                                                                                      556e632fe39231622398c5afccc51d01f25bc430705a126737877ed9f354c7076b5bf3cbac27f8a1c4db4d326b6a8848fae4b8d6046f816597c370d06e824591

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\Downloads\Fisch Macro V11.ahk
                                                                                                                                      Filesize

                                                                                                                                      25KB

                                                                                                                                      MD5

                                                                                                                                      a4769ae2ced9139e133398c151c02fd2

                                                                                                                                      SHA1

                                                                                                                                      b83b83b38ef749a61c5fdf5a014f6a6aefb91da5

                                                                                                                                      SHA256

                                                                                                                                      44977a3c9c2c48ef042c1c4c529c509dcc643b76753acc66153594eb079b0ff6

                                                                                                                                      SHA512

                                                                                                                                      575032e2cf51abdcd8bef4d919be2c45a07751a7297411dc03091ecd7de4bffaa5e36eadb2f1c6e15d5ca9dd468733dd9811f35277c83f45d629c7f0607a2ca6

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\Downloads\Fisch Macro V11.ahk:Zone.Identifier
                                                                                                                                      Filesize

                                                                                                                                      173B

                                                                                                                                      MD5

                                                                                                                                      790df6dcb3a20edafbbf4d0780b095f7

                                                                                                                                      SHA1

                                                                                                                                      51f820ed993796cc07cb3de6e1b3c69e02baf0ea

                                                                                                                                      SHA256

                                                                                                                                      47a1ad1b49b343dee1a9be6500e018e08839fc0a0bce4db678c37213f479bb98

                                                                                                                                      SHA512

                                                                                                                                      017f048ea55c7433e7277adcf9a9b20be63b6ca8fe1e8a958786a0d4e51a29bf969ebbffc5f2c8aedf22b655700ed35b79b5ec5841708f0caf33efcadff5ebf7

                                                                                                                                      Download Submit

                                                                                                                                    • C:\Users\Admin\Downloads\Unconfirmed 64020.crdownload
                                                                                                                                      Filesize

                                                                                                                                      3.3MB

                                                                                                                                      MD5

                                                                                                                                      c2e8062052bb2b25d4951b78ba9a5e73

                                                                                                                                      SHA1

                                                                                                                                      947dbf6343d632fc622cc2920d0ad303c32fcc80

                                                                                                                                      SHA256

                                                                                                                                      49a48e879f7480238d2fe17520ac19afe83685aac0b886719f9e1eac818b75cc

                                                                                                                                      SHA512

                                                                                                                                      c9a5ea57842f69223bd32a9b9e4aaad44d422f56e362469299f56d8b34b5e8bbf2b51d4e64d2bebe6c95d6d8545a8a88e6107b9b0a813e469f613e1353aad7a4

                                                                                                                                      Download Submit

                                                                                                                                    • memory/6140-766-0x00000171402A0000-0x00000171402A1000-memory.dmp

                                                                                                                                      Filesize

                                                                                                                                      4KB

                                                                                                                                      Download

                                                                                                                                    • memory/6140-761-0x00000171402A0000-0x00000171402A1000-memory.dmp

                                                                                                                                      Filesize

                                                                                                                                      4KB

                                                                                                                                      Download

                                                                                                                                    • memory/6140-764-0x00000171402A0000-0x00000171402A1000-memory.dmp

                                                                                                                                      Filesize

                                                                                                                                      4KB

                                                                                                                                      Download

                                                                                                                                    • memory/6140-760-0x00000171402A0000-0x00000171402A1000-memory.dmp

                                                                                                                                      Filesize

                                                                                                                                      4KB

                                                                                                                                      Download

                                                                                                                                    • memory/6140-765-0x00000171402A0000-0x00000171402A1000-memory.dmp

                                                                                                                                      Filesize

                                                                                                                                      4KB

                                                                                                                                      Download

                                                                                                                                    • memory/6140-763-0x00000171402A0000-0x00000171402A1000-memory.dmp

                                                                                                                                      Filesize

                                                                                                                                      4KB

                                                                                                                                      Download

                                                                                                                                    • memory/6140-762-0x00000171402A0000-0x00000171402A1000-memory.dmp

                                                                                                                                      Filesize

                                                                                                                                      4KB

                                                                                                                                      Download

                                                                                                                                    • memory/6140-756-0x00000171402A0000-0x00000171402A1000-memory.dmp

                                                                                                                                      Filesize

                                                                                                                                      4KB

                                                                                                                                      Download

                                                                                                                                    • memory/6140-755-0x00000171402A0000-0x00000171402A1000-memory.dmp

                                                                                                                                      Filesize

                                                                                                                                      4KB

                                                                                                                                      Download

                                                                                                                                    • memory/6140-754-0x00000171402A0000-0x00000171402A1000-memory.dmp

                                                                                                                                      Filesize

                                                                                                                                      4KB

                                                                                                                                      Download