hxxp://Roblox[.]com

Analysis

max time kernel
1047s
max time network
1050s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
02-12-2024 16:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://Roblox.com

Score

7^/10

microsoft discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: EA76ADE95776D2EC7F000101@AdobeOrg
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
Detected potential entity reuse from brand MICROSOFT.
phishing microsoft
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 12 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133776325079394810"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 28 IoCs

pid	Process
2308	msedge.exe
2308	msedge.exe
1772	msedge.exe
1772	msedge.exe
4092	identity_helper.exe
4092	identity_helper.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
5748	chrome.exe
5748	chrome.exe
2700	chrome.exe
2700	chrome.exe
2700	chrome.exe
2700	chrome.exe
5700	chrome.exe
5700	chrome.exe
3636	msedge.exe
3636	msedge.exe
3976	msedge.exe
3976	msedge.exe
2792	identity_helper.exe
2792	identity_helper.exe
5300	msedge.exe
5300	msedge.exe
5300	msedge.exe
5300	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
3976	msedge.exe
3976	msedge.exe
3976	msedge.exe
3976	msedge.exe
3976	msedge.exe
3976	msedge.exe
3976	msedge.exe
3976	msedge.exe
3976	msedge.exe
3976	msedge.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: 33	440	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	440	AUDIODG.EXE
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe
Token: SeShutdownPrivilege	5748	chrome.exe
Token: SeCreatePagefilePrivilege	5748	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
1772	msedge.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5748	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe
5700	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1772 wrote to memory of 8	1772	msedge.exe	83
PID 1772 wrote to memory of 8	1772	msedge.exe	83
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 528	1772	msedge.exe	84
PID 1772 wrote to memory of 2308	1772	msedge.exe	85
PID 1772 wrote to memory of 2308	1772	msedge.exe	85
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86
PID 1772 wrote to memory of 4976	1772	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://Roblox.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd5e5b46f8,0x7ffd5e5b4708,0x7ffd5e5b4718
  2⤵
  PID:8
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
  2⤵
  PID:528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
  2⤵
  PID:4976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:2160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:3836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1
  2⤵
  PID:4536
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5380 /prefetch:8
  2⤵
  PID:4416
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5380 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
  2⤵
  PID:4524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5080 /prefetch:1
  2⤵
  PID:3688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:1
  2⤵
  PID:3476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:1688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 /prefetch:1
  2⤵
  PID:1200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
  2⤵
  PID:3220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
  2⤵
  PID:1828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
  2⤵
  PID:1576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
  2⤵
  PID:1088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1932 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1196 /prefetch:1
  2⤵
  PID:3512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
  2⤵
  PID:1064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
  2⤵
  PID:1384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1228 /prefetch:1
  2⤵
  PID:4364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
  2⤵
  PID:2252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
  2⤵
  PID:4528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1
  2⤵
  PID:776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2240 /prefetch:1
  2⤵
  PID:4524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
  2⤵
  PID:3536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2116 /prefetch:1
  2⤵
  PID:5160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3128 /prefetch:1
  2⤵
  PID:5104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:6100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6156 /prefetch:1
  2⤵
  PID:6124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6232 /prefetch:1
  2⤵
  PID:4720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1
  2⤵
  PID:5520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
  2⤵
  PID:5364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
  2⤵
  PID:5328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:1
  2⤵
  PID:5460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6276 /prefetch:1
  2⤵
  PID:1924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1820 /prefetch:1
  2⤵
  PID:2688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6504 /prefetch:8
  2⤵
  PID:5536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6624 /prefetch:1
  2⤵
  PID:2856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6560 /prefetch:1
  2⤵
  PID:4404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6348 /prefetch:1
  2⤵
  PID:5828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2148 /prefetch:1
  2⤵
  PID:1676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6540 /prefetch:1
  2⤵
  PID:2964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2020,12483392646334477888,261587963942403904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6180 /prefetch:1
  2⤵
  PID:6124

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2732

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1956

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x384 0x4bc
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:440

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:5748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd5028cc40,0x7ffd5028cc4c,0x7ffd5028cc58
  2⤵
  PID:5412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1888,i,6677078146483385394,3992653023380876576,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1884 /prefetch:2
  2⤵
  PID:5144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1908,i,6677078146483385394,3992653023380876576,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1976 /prefetch:3
  2⤵
  PID:5332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2280,i,6677078146483385394,3992653023380876576,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2496 /prefetch:8
  2⤵
  PID:5300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3148,i,6677078146483385394,3992653023380876576,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:2776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3316,i,6677078146483385394,3992653023380876576,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:2052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4228,i,6677078146483385394,3992653023380876576,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4428 /prefetch:1
  2⤵
  PID:3524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4844,i,6677078146483385394,3992653023380876576,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4856 /prefetch:8
  2⤵
  PID:2844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5060,i,6677078146483385394,3992653023380876576,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5064 /prefetch:8
  2⤵
  PID:6116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5148,i,6677078146483385394,3992653023380876576,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5104 /prefetch:1
  2⤵
  PID:1924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3820,i,6677078146483385394,3992653023380876576,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5164 /prefetch:1
  2⤵
  PID:5228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3504,i,6677078146483385394,3992653023380876576,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4832 /prefetch:1
  2⤵
  PID:396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4232,i,6677078146483385394,3992653023380876576,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3180 /prefetch:1
  2⤵
  PID:4868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3568,i,6677078146483385394,3992653023380876576,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4868 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2700

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4356

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:6092

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
1⤵
PID:4840

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:5700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd5028cc40,0x7ffd5028cc4c,0x7ffd5028cc58
  2⤵
  PID:5976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1916,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=1912 /prefetch:2
  2⤵
  PID:2284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1884,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=1948 /prefetch:3
  2⤵
  PID:2624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2236,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=2412 /prefetch:8
  2⤵
  PID:2160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3120,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=3132 /prefetch:1
  2⤵
  PID:3620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3144,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=3172 /prefetch:1
  2⤵
  PID:3188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4020,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=3688 /prefetch:1
  2⤵
  PID:456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4664,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=4620 /prefetch:2
  2⤵
  PID:5012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4668,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=4784 /prefetch:1
  2⤵
  PID:3596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3280,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=4628 /prefetch:1
  2⤵
  PID:5320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4524,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=4648 /prefetch:8
  2⤵
  PID:5728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4952,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=4824 /prefetch:8
  2⤵
  PID:1548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4728,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=4752 /prefetch:8
  2⤵
  PID:1452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4712,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=4708 /prefetch:8
  2⤵
  PID:448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5268,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=5272 /prefetch:8
  2⤵
  PID:5572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5248,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=5188 /prefetch:8
  2⤵
  PID:2204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3128,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=5180 /prefetch:1
  2⤵
  PID:2564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4696,i,5295855846108835999,8569716476188045964,262144 --variations-seed-version=20241121-182614.093000 --mojo-platform-channel-handle=4704 /prefetch:1
  2⤵
  PID:2052

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3208

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1088

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
1⤵
PID:5520

C:\Windows\System32\DataExchangeHost.exe
C:\Windows\System32\DataExchangeHost.exe -Embedding
1⤵
PID:3192

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:5776

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
PID:3976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd5e5b46f8,0x7ffd5e5b4708,0x7ffd5e5b4718
  2⤵
  PID:5616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2028 /prefetch:2
  2⤵
  PID:5168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2784 /prefetch:8
  2⤵
  PID:5208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
  2⤵
  PID:1848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
  2⤵
  PID:3768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4076 /prefetch:1
  2⤵
  PID:952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4620 /prefetch:1
  2⤵
  PID:100
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5360 /prefetch:8
  2⤵
  PID:3244
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5360 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1
  2⤵
  PID:3048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
  2⤵
  PID:5968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
  2⤵
  PID:5980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1
  2⤵
  PID:2512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5992 /prefetch:1
  2⤵
  PID:2640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5956 /prefetch:1
  2⤵
  PID:400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1
  2⤵
  PID:4036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
  2⤵
  PID:5592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
  2⤵
  PID:5872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1
  2⤵
  PID:4880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1
  2⤵
  PID:2724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5908 /prefetch:1
  2⤵
  PID:1052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
  2⤵
  PID:5500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3336 /prefetch:8
  2⤵
  PID:5448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:5836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6248 /prefetch:1
  2⤵
  PID:788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
  2⤵
  PID:3052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
  2⤵
  PID:1088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6592 /prefetch:1
  2⤵
  PID:964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:1
  2⤵
  PID:1104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
  2⤵
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1
  2⤵
  PID:1652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
  2⤵
  PID:3284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1
  2⤵
  PID:2032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1
  2⤵
  PID:1648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6540 /prefetch:1
  2⤵
  PID:2744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6944 /prefetch:1
  2⤵
  PID:548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5276 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4552 /prefetch:1
  2⤵
  PID:5592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1
  2⤵
  PID:1624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
  2⤵
  PID:4044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4772 /prefetch:1
  2⤵
  PID:5136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6980 /prefetch:1
  2⤵
  PID:2612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6880 /prefetch:8
  2⤵
  PID:1704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,16661498311963475473,6588092256301347176,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6616 /prefetch:1
  2⤵
  PID:4524

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2776

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4608

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x384 0x4bc
1⤵
PID:3352

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
53f896e6ec3a1c85c0d9124da3b7380e

SHA1
f4b222bb0b3fda0f2ab34768d1d086bc6533575e

SHA256
17445b99fe65252ca0a67cde3f5d2b1feb0224d39f52d1641ae0bb8dd0282453

SHA512
512cd2d07e1e7ebe78ddf8f5c5a682a30a0a9a1f55099a466ddd54c351295a92f4ac4946ebf4218d6353a3148ac38a2dbc07c9f96e12042868acce13c9edb1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\9fdcbfe9-804e-4b5b-846b-ddedb36af7f0.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
319c20c3cd84f9da1cb925ff26e7b7d1

SHA1
694ebe17c2e55e3f33ce0e87c022f381851bd716

SHA256
d9b9c1adecba31d0e2e0351a3b3cb0cf593453b0a692c6af5db1e42ad8729f3a

SHA512
d21aa65b453e9c19b820e4905181a4c0db35b3beb8552d18fbdcf6fb82b03b02fbb7eadd3e1d4a0bf15046448c5358edc0a989058768ee287f68ea9b5b4737d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
215KB

MD5
2be38925751dc3580e84c3af3a87f98d

SHA1
8a390d24e6588bef5da1d3db713784c11ca58921

SHA256
1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b

SHA512
1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
41KB

MD5
e319c7af7370ac080fbc66374603ed3a

SHA1
4f0cd3c48c2e82a167384d967c210bdacc6904f9

SHA256
5ad4c276af3ac5349ee9280f8a8144a30d33217542e065864c8b424a08365132

SHA512
4681a68a428e15d09010e2b2edba61e22808da1b77856f3ff842ebd022a1b801dfbb7cbb2eb8c1b6c39ae397d20892a3b7af054650f2899d0d16fc12d3d1a011

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
4907d650a205225757b4467b6b05a3fc

SHA1
4405cc55413385cd73d5946105e8bdd691777ce7

SHA256
307ad06eaa3959917ed0df9b4b96cc31aa265a08004fb64f52cc0f56ffd2ca21

SHA512
f38e2bb8f6dcd5a4d2d21130dd9950e2c64dfad531d188ab93c8ecd35b173c32a5d4b076b64b3f7d958dcee26efcb35494ae4c70c2f647ddf51e93899f89d077

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
133ab677eb0e6a671348b1da1c9e4804

SHA1
8bcb3f8d5d0bf8393d75fbd47107bf019235d2ed

SHA256
e98b9cdc0988d2aa35d4ad3c7931bdf3bbd049eba7b8224bcdc2031fe0ec373e

SHA512
e8cc6b45f02797ca4231296373503680d1f0440a093ef3b9c98bef22fe2b887009d26dae0db342eecd5fc45e0738986dd5c14165a2fd4f83c9963c6f513090d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
d00c9bacbb99c1da507820039cb18e30

SHA1
f3775a08aa3da4ded50be682e4a466be329db6e9

SHA256
0eab55a1ed07681c64a444563229128ce2cb0141bb8d2ad9d283415224d818bd

SHA512
0a92e9bc511e6abdd9405a99bdaa9cd0699c9f3055d5c2377d947db76b505901f4eda5dc4dfcf40164d56da89a934e2fd966f214d7391cc184e91e64d3e00338

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
984B

MD5
5e05fef1d07766829a005d92e8dfc6d9

SHA1
ab7bee2141ad7199e2d91b7d652b6356be6f6891

SHA256
83b61eba6ba03ea721cd97a531caebff12ae38f8b32f7b00e5e83e22fc059814

SHA512
95425424078380df7068baf5fb571398b34cd459612bc558ca7100ece20b7d97a963a1dd5773af9069619c2302e329d4db64a807af89b75c26a9e4569caadd42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
672B

MD5
34cdd802b888c4472025ffbda019b852

SHA1
6f63bada977d505f266b5ea793e8378f08e178dc

SHA256
a8137e954498cd03b67d1f224091117f5c0cc318c2a1993011f0c53e594c5680

SHA512
a013d49eb12361a5fee553bc670cc300115604dcaf28f3ce2dceefa26b023e8f1c8bffb1c8cd338c84dfbc3ff442093d314b7a1497ccc2ee36c88e254cc2412a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
cfca1e93afaa1478cada8ff1010b9d44

SHA1
68bc64699e57683b75946ea904429ac4be5fdc44

SHA256
185db1d54396dfa7e9fb3b2154e87e0e412d5b828c93b9f400038d8c9882394f

SHA512
ecb2016f11196d9b527cceb008467d79cae9ebe30b53035c2666f163ee0ea1bbadd4769a74da880ca1f0e9afe6ba0dca551c1846f7353f5c02ea9355c71b9b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
b894541ee8af22acfeb2dd77a646cc89

SHA1
3eb2dfda59c41a9fbb51aae670fda39dae8db503

SHA256
ff845324765e82e4cbef6886875fd903fb3e0156a6858cb169707b2f54a09955

SHA512
a022e58775221c18e2948c49baa704192fd32acd6ee54584bce5a2cd5d38d7a5b83c33b14dfad12dfa0d09c480d2350e98719fec8e11ab22345ac837092c3483

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
b2dc8e4d8c07285d465373302ef6b691

SHA1
084b50ff6dd4cd7ada3cfe8c724d0a28e33354f7

SHA256
5c22dd61449a91b2ad6c71997920d31f8560b915d32d99eaea2005eb4bb272b6

SHA512
6fb4ae407ff5f21675183d97543f99a65f53f436e0105eaf5800fbcc4d7eac888866928cb5baf50f3af7854ba0fde48d8ce2881cc664622e457e892a604a7996

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
1d88dc6f64d7417ab16c4efaf0fd0b47

SHA1
bc3e77f2549db73d07152f86949fbc781faa0825

SHA256
3a11d8b38763e7f36781b0e7d68e53b5b1f883b81c80b8c08cdcd64b0d8cd1fa

SHA512
78302402bae1ec9be218f6d7cad0761de04bd161ee549a92573c042145a1a7082ec148fbf879cf7dd86263ed2d4741afc81fd5976a454176241f657322abba39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
a0a637a06a77cebb02c2abf82b179ff8

SHA1
e4773f352e42ea66f0bdcb9c6866268998115817

SHA256
c28fbc3bb1ea5dfef9f8bcda21d64701943ccfabf8bfabaa37673042fc4fc7a2

SHA512
b9d7e4187fa3c3b22e4828a91c7cbf35f499dab6685d89e61d2dc1629ed56ac549e9ad2648c7f5b2d77ffd454cfbe25dd245463a0d7285b6df4aeac6332fdd24

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
c34a01c5df148c49d386e006f7f48946

SHA1
35916bdc9a831b9bea98c4dd8463a3041283a4f4

SHA256
44a261ab2e0712a4aa9d4087f79df57b2f8e4aa75ce450eedac909adfaee84c0

SHA512
c867af4248172b14c4807cdc279163566829a99640699c43e25f447dc8be051db751dce3e98beac04c1268e3adf351799fd8e2b482143e54ae732f6b8fb5fa73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
9ca32997f16035369bfb0d0f29a7f3bd

SHA1
811deabf96992a88d0af0a6f583e9929c89bd47a

SHA256
4544ac9aebc3c07222ca6d6b78d13418e2cf071b7b27d04354ac2be9ac8c0aa6

SHA512
412e2ab50f4fb5b9bdb40474335726c8d74ffd8937e1ed6007f709bc0be9b07d9c55680b713c12ae213a78ef17afd98b7b7f42ac59f3348601144762c103bcb7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
bad6a0b2f119950f124c363da9aa640c

SHA1
9639e39d38a8a058c75e761152165cb257fab79a

SHA256
f8f8e493427f5765c276ec378527f4b2002fc60471fb17e05b3f43924eb8f575

SHA512
3b36ba17427eb45573c076ea5f3f8ff012ee99082b31ce5e143598ffac4c30cb15616160ceba17f497ec8e9b125bd05bdaed23fa01ffd0aa460803c209f150c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
690B

MD5
659ab3b3146c7def5e2dd4a153a4d8f5

SHA1
f8fa66c2892a72d91d043859427dcfa4e6629d89

SHA256
e9cccd08d3314023703cc344aedff24a0704652480622b3992201de2ed7897f9

SHA512
b97eb89c2a0e83884e698e065a716d70bbfbfb4fc5018dba7c5cf7e02658fd41603c32cfc1b5cf4845bf8f31006c6b54c8ca440b428d50850aa67fdda5f460a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
858B

MD5
c3589784c8f36fe6a90c9fc7b9a5bd02

SHA1
6cd5d99f59dbe4e56ecd98aadee5dfa6f4d783e4

SHA256
85ca28a81d5d44edcf85a22056540e8a009dae37b23b593b4233446c3a052cbd

SHA512
168672c1f4d1afdc98945785a21045416c13740ffa2d6e7c357f964d3a73c3e960ae118f174a432a6cc0051a8cedb434081db371a2bf77a118cfdfe2f4dd519b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
179b12157ad02239e277a84cc267f809

SHA1
1d9a99faa92982b04e77a36764c94a77a99ce37c

SHA256
f88597dc419368c4ca9eeae4db7ba531663cd86c0916e1af50f4e14c25dfae99

SHA512
dfe2b6793afa39ddfa22240bfe20cb4bc0250874ef93e03ab95c1b734d79e028e737598c962fad985acd8be0dea961c36f7330e4b68ae4974553fcbea68e4027

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
690B

MD5
05d9d2dad2ddd197092dedbb8458340b

SHA1
76c582babd6bca1e33429d25083a6cdcbe9e3bc2

SHA256
8694ed8d77c2144a0542db789970baf39a4ccd3cabff0c0e4367a885ce515c3b

SHA512
85c12cb50e59e59a777d8997d00d87006594777696a659c8196f5abd960aa24bf6e76933338b132dcdaa6ed768e9f0c754567850418bf637726a16087089549d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
858B

MD5
905a2791d84da60084dc9ecfa88d2310

SHA1
2bdb14353ecebcbc793c3fcf21d060ef21f1b52c

SHA256
faf4bd560d9e91d9684e640dfbc1b98137a3d40cdba3ec74c3446128e713910a

SHA512
a2349172d3c7ee33cee12d9e09a178fd0fc033412d08c0eaa2635e9acabad70e0fcb3649092b204b3d046500b61261429f5c358c5218f8ee7e793d6235830912

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b9be07a14062d976c4192957d82c2b20

SHA1
2341d42d76fdededc8cc5583d113ed26c03ba3fb

SHA256
6221ebd9f42e65784d16dbb1bfd7010ac80967bbaffedd2afb0cd14270a37f7b

SHA512
6824844f58cd4a6a361f6da6cbe74e15658499f14e5d168703e0eb8cd5a6c119b8b71dbaaf10621ceabec0a2985ac9185d77cde2717577b3174b9eca88594f4c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
40bd6bceefb94628d6b8e24a2179506c

SHA1
a8657aee4cadcb2e0ca2eeb4143275b8859d2e8e

SHA256
aa89e7d7784fc6348568647023ce61d864e9474757ba31479525a3c7a2bfddb1

SHA512
f9928cf7c106de5dd90a40a2eea5343c9f140cd98c529613b022800a4215c55398cc0c2ae99964b6416d62851354f4f69bf744c21f98d278bae76b35c15c7614

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c40a706b92351a1c29ca4f68e360126d

SHA1
2d81755bf306cef3951f0481304f02212e238b2e

SHA256
8cf7bca71d85c0f9cf83dde02bac7c82c06392c75cd1dd724ec601aec25f3cf1

SHA512
5dfd38d54a24cb24dc63f88a5248f11bc6a065c7aae625ef872a6146e7e44f572550e0f45f9d73fd4012e255e340363ae19cca25ecffc3a034e17be562c9aeb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
caa0b4eb2313920c0baf1203235d22b1

SHA1
001014b21f3dc6ce1501cffe5db87ab3851caf55

SHA256
9ab17f029df16e50754228110609dfbf674da470cabfa78b077cd183d76ac89d

SHA512
5ba1e46be65acc2673d51cf705583ee6ec7b5530f927e044754f916986d9c06e2ee15468883cc5772f6d95ee8530409aec1a1fb5a4bf5fbda4c0c155b438c602

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
6e141c074f5c9fe2ee5f4a093433cb53

SHA1
60b5c4cd5d79c86d91939b007c3f29937123cb57

SHA256
2270fbdb0db28d1890dce5daf6ec448990f8d08cbbcacbc3d6c639e5cd504b05

SHA512
c89b9d882af7e7a22f87c62aea88c3a84f93406985ca7f8ac960405adeb97207a62a19c128bb3b99470d3ecf661884ebecfa81a345cf96be0bab4f8fd770ca23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d73b93f8eddb021ecf5d85f85e381aec

SHA1
7da71e7f01ca0249d0adaec490859b0ebd11baaa

SHA256
7b4f5ba124072adab444a4fb0cf0d78b9a200e580e9a13999cb73967dc347bad

SHA512
f5720579f0533d05b5ae1abc13ba53e853c60ab93c94f5a907b6d3f49763436d044847871909738004fb9e0af5fa8e9275f210ae271ba6bfa526e53005e07ca1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
ffd1e5618b665f6f30ed1390c257e01b

SHA1
62beb8df073d896a330554f118571847a62ecb8c

SHA256
aabcb677a28b5d63d46cfe464b6348d757c1f0b7eb0b494be6ba60b81cb3b375

SHA512
d5824ede2c9441e176514850eb26796f3887d52c43c54af5aaa8750be7a015a7003f002c5dfb023c8f7f5313adf62d727c775a7edeff12571fb00a24ce4f159e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
dc0c4fd8d81a2cfcfd91ee59813c256d

SHA1
219bb06ccf0ce23c393d9a5de7173201bbaa2ec9

SHA256
30c34e426a3dc2c5e274bdd6720703988a02a2fed879bc981ed2161ab5918c94

SHA512
56dc606e7c679ab8a11cdc334de91be0587aa813f1a0c2abb9994df2eea65f2a9c7808f0ac4c856357e4d5ec7c7e9db72bcf4880b79851b941617516a3638a88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c1095ef447d640000739cc77a6519ceb

SHA1
dfa39a30879de8b566f777ac6de097f47c0dcc33

SHA256
7755d37359d2402d631edb062d8e71f9528afab15c80f7f85368c9131f3cfcb0

SHA512
94e7a1b46b2c89f28f02917d0eab47e41e215da67b2fa7b09a13b2598cf2f51e10cb926254b8c8d8ab17ef75d45e2d541e42ce270f615ccd73d9eb316847ae96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
00402539424546892b35afaf6b7fb1ae

SHA1
57d624cd034168c68017fcbdc1ba8310ad676ce7

SHA256
b2dfc8f8e9f638b1d229295685a4136f88efd03f785d5baf5ed7a3fd6c9c1c7a

SHA512
77e31ffd856fe54b20b6f66f03dd80bcc8686790c3c66e69e60278e3925ccd9aea29772670d6e02a7dfbdedd7514fbba66128b2383946d623cc448abaff2a529

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
9ca9447e320a1a5c0c7629ab97aae528

SHA1
d0a56781efafbe795242b3ba08670da28aea168c

SHA256
11fbd1c2fd18ea47177b644542d1b048900032588afcda144d0d5e2122522aaa

SHA512
25ec5e73b731de8868eeca5c0130830a9c80d4b568d86a29f9bf2112cdf8722a874c486a177da89555eea046d8c91b725f5636a25cefc659411207888338b7de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d5e93c7c7b988ab0a97d8c0d763b9757

SHA1
cd7ef06ce2a2f17ddbb7a914ac82c999f5544568

SHA256
74637667e7992e4d208d79cd5ff1a263dc3b382da39720f501775a095e2b6e63

SHA512
38ab50867fc5aecfe232b153637f73bee52400076c4cadef913a9705543c03532d98fe55898213ab17745b49b8dbfec22b688aae665c7c9a4cc2b8b7ecf08f15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
997da8d8a58784ddbbcfa005f0a2bc9e

SHA1
fffe68ff80c598e83bd84f5395f3e96d0977a0ac

SHA256
b7e045694f83d50da143b13695c81a7258a13ad7a6f77cbd25d9652461f91af0

SHA512
33029f85e723740b3a097f6d9160034314a9bd0f709dd976aea6527b9a65011aac0146f7efbf2957b60314db24ba255b3d1b1236d334ec736170077b0ceaa19b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b538236e4492c949392f3fd19845a531

SHA1
2867a4146be437172ed9cf353e997dacc86d4b66

SHA256
bd09a5bbeb3daf2e5a41cfd784184bbb3bd2ea81ff1aab2c4064830ff4359ba1

SHA512
8d52fded96b6b55dd5cd187484d199e05723d222057649d96737db1c02426ed90ae30bcbe6c8104e6691a00c623dc61dda2961c3e8f6ba1aeae255985739f250

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c4714e564a40375e05a642b6f636ed09

SHA1
326da2959ce9104416d10f0be966aaedb69f557c

SHA256
9a754492c9411874e22c54a01ebdc65f847ba59fe684e49939a73f00f63ca5e9

SHA512
df511ff3d63b987b6062adf03b0c8739b382809d132f04fc0c1c7a7a3453504264c34857b9d1ac7db76af861fb4d72ce8510b52d04a2d5b5cc506578ab98c0b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c0b48e58d30b147e141eba7eecc044d5

SHA1
e445bbdd082f64ab8887829e61456288dcbc869b

SHA256
b28de8c76aeac33ba73a4bf563028998a56b1d1b8983b1c922cd86262f9e44f0

SHA512
3bbc5cf29b2ed515143e4601aa29a9aec762270c096302f5457274e3bd77bdd8546ac122f328b08afb154f5f4e3445186debf3b26b8722aa597c0dce14206233

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
3eaa9532ad78cc1e93b3c91f7ed5c08d

SHA1
98c9f2b0abd9963bd2a7142066d934d0bc550688

SHA256
abefc1622fea73e07fabc6b57b4a882f4e051952f5a4a41e9651a3dcbc70fb93

SHA512
27cc5e9caa0ba03e38983e021da6c30450a323e55dbe9e803b23a9ccc32843ed90bbe774b37388d54b0f476bab2d2210b93572d655c0bfcda67b60705341b95c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
bafa0584c73d6edc10a3bb14f183b901

SHA1
980801d7f7a9660d3859c53ce5b4807d13cfbdc5

SHA256
955478f51b9ceea21b4a5253b8f0856c639abd1bdf1a2dc711af034d43cf274c

SHA512
2a05970bfcb0396bf21c93dea4f7b59fb50ad84edf244fbf3b8b4f669d0b7ac47e971604ac4aa561496795a46fce0741808d6001a2bff31ba33224579b874aec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1f7076111b5175a86d5ae7b3682b64ef

SHA1
b731b37a04361ca87e99b52892ca39584223cc3b

SHA256
0961b825f149541f0f26aae967aedd2265ee0a5a58125dd3f97775ba22c06e0c

SHA512
52b745d1a45994a6e14ee21f7c302ef166fcc94eca80428dd28843baa02835359aaac9d873461dfd03da7730f11b54d4b99aa268cbada3b2265afc3414ac2928

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
35c6af84ceba3731fc3b3bf8e63658ba

SHA1
ba648d5a5bc6f2339f10589a8e2d82f0ad7b9a76

SHA256
d69bc4eb8b1e967fa331fbb246356f0a6809ebf0b9cea40cafeace0bdf444dff

SHA512
517155ead741aa3f527723771dc66a3731ed7da433c7b2e2d3e818162414a65fdc77bf49125a3db357f7ea7e818d95963085ee9b7161edb775a3f7cb154efd23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
ef48733031b712ca7027624fff3ab208

SHA1
da4f3812e6afc4b90d2185f4709dfbb6b47714fa

SHA256
c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99

SHA512
ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
d8b71a1cbc1d4456ed3c4503ae3364fd

SHA1
e71ff26a908968fee51360d7fb52b6048dbe17bc

SHA256
f6bcd0aa3470abb4078496f4571357a8e1addc7c293dee194d7cdee67bd1c44c

SHA512
e44fc11f18968597a629e05c8e6b8c2219d43b7b242f774423961f85dac625680cfa8de8f07a7d2819d4f98eb3d1e6cb8bfefd2a5169c9dd6f83cb2818ffd3cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
2da4af6af56a13f263af5b4a71b9e147

SHA1
f61bce57d0d3ae6ba51f208bb6b5b461be05ae04

SHA256
9532241fe122da507181a2c1d97cde16ec896d4e0e16725873b1abe65fb2886f

SHA512
4d5b64f7902515ac2ebcb142e27f9a6f1c6bc2addfd42fe39c0d1886f5ca857d4e0052811802b931d89889e165b020cd659505e29877d8a510be787235bf82b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
027df2f5e22d429554531a49b3d5ed24

SHA1
0ccdbb28d21859b45340dd3ef312302cc87e269e

SHA256
37ca77a2a3f40b0d68b9d66b91d8a811adf4280e5ce3279d36c818dadbfa1f84

SHA512
b08dcea4ca3d524baabd9c35cbbbee290ee17e1a0abb0074e4a93e63fe482f2be81150354b71eec6ad0eca930527d85a7ff6bf1a58bdfc8e4767f86cbd9953db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
122KB

MD5
72dd950164811b1788019d6b49f3a065

SHA1
1cf185229e3c13c2e7d59bbed20cf6205253825a

SHA256
98e324ea95e23efac908feef3128ba817e4b51af0777fd419176e21207176af8

SHA512
8c52b184837c3a0c9ad77f3aea2d4456726f436c7b801fcc3282f1d30a9b05b4a6e23a0d96dbe07ec8a8a55522989a256651fe65987843e97d7da7aa27bb20d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
122KB

MD5
4a80397bf49b1b8838a9a74d3d0abc54

SHA1
57393e053f758b06e5a5a869f909c4295c70df57

SHA256
3c3a0be5f64ed778513dacb397b7036d41a984a27ddc12d9a5aa1ee7fbbd6c82

SHA512
37b74ec5d16994b3959d53c367324f425bef523c9628d98c961012da23b8b07d9674eb175d02af769ca87b02471c45ef86def6b187e937fd2c5da870c254158c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0a9dc42e4013fc47438e96d24beb8eff

SHA1
806ab26d7eae031a58484188a7eb1adab06457fc

SHA256
58d66151799526b3fa372552cd99b385415d9e9a119302b99aadc34dd51dd151

SHA512
868d6b421ae2501a519595d0c34ddef25b2a98b082c5203da8349035f1f6764ddf183197f1054e7e86a752c71eccbc0649e515b63c55bc18cf5f0592397e258f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b0cafa72565b2fa07ef5df1eb72b00b9

SHA1
d23e84ab26707048b3b1025d6a7fa3a7741cfafc

SHA256
276350672a0224e6a8bf090aa4e2c072fba69bb7668ed0b6c92fd3d9fedb55a2

SHA512
96f3ed200c573c9270ef93dea1652e63f55ef1132ac9d9bd21f4031d84fac23cb2d34e9ab26fc520b640670e32f32231ac52d26a5daab3d0aa2f761b01f5f3f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
58ffc60f16e2cc5f57693a21a9b6bee2

SHA1
1c89779940df6c4fedbb59a99687990c45015266

SHA256
2f591b201f1603f3847d9d992c01d3e365ab99fbd4981dd9fc8b019f004a212f

SHA512
ac31dd656373abb4cb59624f1f68808ec02748a64613c82bc5b6eefe9c1b9c70a28b95174c8bed36e479dfe6c66bb7b9fbd8fa2d018645332f79c69d1895f4d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
61cef8e38cd95bf003f5fdd1dc37dae1

SHA1
11f2f79ecb349344c143eea9a0fed41891a3467f

SHA256
ae671613623b4477fbd5daf1fd2d148ae2a09ddcc3804b2b6d4ffcb60b317e3e

SHA512
6fb9b333fe0e8fde19fdd0bd01a1990a4e60a87c0a02bc8297da1206e42f8690d06b030308e58c862e9e77714a585eed7cc1627590d99a10aeb77fc0dd3d864d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\482553a8-d119-4084-b1b3-2177efafe428.tmp

Filesize
10KB

MD5
02935ec30c11ee1abc1151b17d6f3c34

SHA1
a8ed1d7d40d8e6f28df566125838ffd8313ca37e

SHA256
ded49eb223f9a0b8c4e31ca0ee34737c7fa905c26be3e573fbc2d249c17fe073

SHA512
9c57929e8f8086a837a5074e9d3544e96ad2e3d0f3dc9bd217d9a8259212fb5d5142ec6ac08ff4b69622c13b002c09a311e518e5d2d100a9255c788973f2b8d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
62KB

MD5
c813a1b87f1651d642cdcad5fca7a7d8

SHA1
0e6628997674a7dfbeb321b59a6e829d0c2f4478

SHA256
df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3

SHA512
af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

Filesize
67KB

MD5
b275fa8d2d2d768231289d114f48e35f

SHA1
bb96003ff86bd9dedbd2976b1916d87ac6402073

SHA256
1b36ed5c122ad5b79b8cc8455e434ce481e2c0faab6a82726910e60807f178a1

SHA512
d28918346e3fda06cd1e1c5c43d81805b66188a83e8ffcab7c8b19fe695c9ca5e05c7b9808599966df3c4cd81e73728189a131789c94df93c5b2500ce8ec8811

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

Filesize
19KB

MD5
1bd4ae71ef8e69ad4b5ffd8dc7d2dcb5

SHA1
6dd8803e59949c985d6a9df2f26c833041a5178c

SHA256
af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725

SHA512
b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

Filesize
63KB

MD5
226541550a51911c375216f718493f65

SHA1
f6e608468401f9384cabdef45ca19e2afacc84bd

SHA256
caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5

SHA512
2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043

Filesize
47KB

MD5
00cb15dd0b5a99d219dea7a7e1f58499

SHA1
1e4895afacff1939289e3a70ced6636fbf902542

SHA256
a919b203fc48d2bd0b12c4bc594e801d522ae335470f3c172086fca1c0f05c3f

SHA512
63451e3dd9784319af9ffefda5ffc1c671cdc174f5ef07ece2c85ba2416af1d6226418b142dfaa87b38aa7b298957c0fa9b3d2cb30cc2ad3b7d82b9fb264de9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

Filesize
23KB

MD5
b5de09144e0a01a8e89679ed9d3aa54d

SHA1
8045374d3fe0384fa2f5d26c07f09cca29e38170

SHA256
1c173b92f17cc2689f76e560276ee9ae25ede63b01b643538a4c671d941a750a

SHA512
376b15ba7d882ba6d26c6533aef7f2e86ef8ab7051b4851b2dba95b7de5c8df1c94818e0e0e0e9beb1c47906fecc28870ce9cc1b62b5f7c92c9d85837b60d87c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004b

Filesize
22KB

MD5
9196e81f8ed7f223d765423c1f9bc8a7

SHA1
88f9d5c2a6908cf36b8daae803578ca9e1fd2929

SHA256
a4e2bcf7ef3c6c614c2142d3c1fd44caac4eafa86a1779ac31cba164e2d89cbe

SHA512
e7d23866fcac017762d2e2f18597124e9147f458d30038f78ba9f3a2bcbe479fe4792573894370ce2d6f93a00401231d9f01955fde351ff982a82ba87a8241f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000054

Filesize
40KB

MD5
b786554392ab690a37b2fc6c5af02b05

SHA1
e7347fa27240868174f080d1c5ab177feca6bd84

SHA256
ebe47cc89c62447316148809bda9095bd07bd5392a99ab4b8ac8b9f6764cda51

SHA512
b71cdb76464a775fca909cabd0a7435c34de3ee4e19c40f5bebba6415295f0be2f82532a2ecda043c787ea4e8c23fd4e582a4d4322923fdf603a56e3fcb8b567

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055

Filesize
51KB

MD5
f4c7b5f4a7f4b308c26f4fff32e64ce7

SHA1
654470bf2dcbbfe2560b2a89af3800af5d6dbd0b

SHA256
d8c180a4b35e039ee7df2735d60d225399dcb562175147fd71eaa1c9b3363115

SHA512
2b4be945bc16865c0de9f2b255a175019cec889cb5dae9ae58c664abe542c5be3a6dbd0f4440d65e14e951d41dd4560a43658e3d82598ef2cb2c14b91b987c1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000059

Filesize
21KB

MD5
7dbd5dca202b651abea7db3d092712f3

SHA1
cfefa958e9cc089a5355b73145f8bc834a00552c

SHA256
16c7b582088cd626101f338070c7046b3fe902a4ffa0069651392314584a4b46

SHA512
eb9ccaafa365a2965ac92a9b34a065913825aca5fa1dd8db772a97fa5928bbc5bc80ff6b536d66f523ad7f0f5304ddab861e0e5d1f19ee7f2b633ce4b41d9c3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a

Filesize
180KB

MD5
8f54371f05bc32a5cbcf5d92b52b9432

SHA1
e48d06ab8e24219379eb8936c15cca6dacb68bb3

SHA256
977046592b00d4b3569b963b568c06c557e58e9bd806d2d68a37e9561e2114c5

SHA512
d423c6b105b776ac7cb213841ec5b5b97d42a3e13f848a28ac8bbd88847c07abf44f7d3b8abeb01e8d32fa5667336c6f4199e715cb33ef32a0cf75df1f963f68

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005b

Filesize
32KB

MD5
018fd38ea157116fc5f619f12db9fdb2

SHA1
5e4899d22360454ea36098bc9f044eea0d3f7860

SHA256
711fc01f72ba75810e52e842061fad1892bc57f254a2d1a2564072328b55cf41

SHA512
4ebe949866029298efde7634bddc66e641c1084933fa9cf8b23f687e6dbb85cabf2e180c873cceac2c04a345d7712823229c1441f93683cf736c21cd40c9eb8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005c

Filesize
61KB

MD5
f1ff4e46d933e05ecc83dfa1114e729d

SHA1
72e74dd21a058fab579a8a93bd3d35573dad35c0

SHA256
37816ce76649d9912d61e0ba4c4e573fe30021ff5f6096a328889914eb1be6d8

SHA512
b723e2b2eb28d6160c6938ec3e0785335e99333d43ccad4bd0b5eb464ac80fe1dad99245bd2e400da7e04f6166a4ea6da400faf3bf25f68bd49e5ca957edd125

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005d

Filesize
66KB

MD5
449eed627331c84b316ea7e61755075f

SHA1
343e34cab0e29bad417d753098a31b16b715be87

SHA256
efbac2c4ee68705a3d8c5edaf253150335163548846a2e3843721c3ae3c153cb

SHA512
e6391b1545ea50e28a28d75587d22125686fe002283d6aded9e3a2a4f6865d87a126b5243a800b67584efb604aa9a67197543bc26936c0cb7e6a5cf7c93c0815

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005e

Filesize
19KB

MD5
d721420db7c11543a73d35a8a3b64886

SHA1
a12a833b3214a87a50da8a7f51159c92bafba9d5

SHA256
313c7d95d8c0cdf1f6a58953b449c6cdcac9ed8a3f28991bf812c00eedc64bab

SHA512
6d06a7439daa59a3cc50890dd0b2f231a1c0a1d2eab50197a4e44071bc964b099ac906d45441a35ea8b49cea1c50efd67a11de83cf5b0a7339bc72203fc223f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005f

Filesize
94KB

MD5
b6e8c7a9347914b615aebbd28a5e3a82

SHA1
e5e6949d22edfd40d061ce09c8d2befd90c4d33f

SHA256
f00467bd665588143bd91d091c48b12175cc6248e58566fc0a01aac3eb74e007

SHA512
038a9485acda1c355fa59335e6d4cd19e60194da288a009e3237549de1c2a4b66ace8e4bc858e0e2ce850a159851a9fde8e7ba784f4b81444edfd4d653663bb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000060

Filesize
52KB

MD5
9d251dccd73c59b44f53871f9830fed8

SHA1
67fa3ef89e1bc3e63515b017f4d80aba59ebb99c

SHA256
2b5a53f5c6cb27e87139b073d058e375054cd3a514142f7f3ee8dd704ea85669

SHA512
5174a0c688af6584c1abd45116f14c0801464fedf967950f0390759a6dfd91da9e96884292672badb45fcdf5e10aa42a51ac4a636f8345865b2b0a9feddfa572

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000061

Filesize
94KB

MD5
866d1680c9a0023a82dde3dc372c48af

SHA1
e468a923e616220a67cccd2d77f2b37db69cec79

SHA256
046e6f7964842a9c5ae9968c79adb84572645a6c9cfc3f4748d4474ac5962cc1

SHA512
a99e564022a68640891a1dd4481848b9135a7a3d8149117e2a82c1d2bae4a93e12b881d0868ad16f9905b44838d70645bb35a6f54f1ad685a4d919a697ab12a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
a7fc078df9ad5db278b2620a0b3afc68

SHA1
726ec919c7be4876cf97358800892e6fc2bd1fc6

SHA256
f1f7a244783241bd2bc397cfae046398a430048a4c0168cfdac6a1f989d96a95

SHA512
b045d8477cf7516ee99d811b318f53a951515eb32883c2c090cda78f3b1accdb09388775f19164e1f256fad0e4b327dd3edc351204d3195406fe745f9f4a21f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
a77ce3c4f5c7cd56232f9c1e99991bc9

SHA1
975b4bf8a6151b34a5e74ae1696cb348adde9213

SHA256
ce42efe38ba35a9068bef911cd534b3ff573d6c1df7c643d366cce9b160c4c41

SHA512
0d84f22f2e9aee82dc37970fb5c07c0e047ce379c829875dfec8595489069e3ae5c66433505cc06102e8bce618e647c93797ed61b9303454659ef08bcab71e14

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
4c6f7b852e7e12ef3068ae2f2a7bfcbf

SHA1
dde3523378e5e30c94008ad8486a19be33da55e8

SHA256
5b7885c136fa96b762106fcc067f7ab4e3bb71b0fa301d573950347d578c941c

SHA512
5120ec10de941612581ee9cda5271cd6e1386db08766b51c87bfca284cfd65f6ce2e30dc5abbccaa3981e2c991ffc4e0ee064c4bb0967687745eb42793b065f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
8KB

MD5
bafbaed1be41bd151dccde4e1738b47d

SHA1
ff85e56647528a0fbde61fa9290aa637c3a5304b

SHA256
f0ca7cfe4033c150d59d96742dc0d8f846aea97d185b65eb0844a2704b6c0729

SHA512
16574111860d567654d306fdb79f35f277c6c2090b579c27f7da7bfa033130166abe12fa908540732f61ccf3ac62ebe5c1ffbf1c1f32da385d3ac01fefd7f00e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
8KB

MD5
c972bc7d30fd3398d7e34ac92ae6df9b

SHA1
ef7b86b2b78cebf0c281d5afd954871761ccbda3

SHA256
7fd0debd05ea0782e4d75c9a80bcfcfe632c614abf6899905afc8447644ea0d0

SHA512
f04ce9801a718da9a6a2cfe474a5e522d926434c64bb6ba9c5e98012787d8cb6b2b5ea46f8a909e939287f6b7b11a70226169ba68752934e042383a9b2ab5a6f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
4d54482a47adc3be601c36565c340207

SHA1
04461daffae185d734818c6c543bdaa642d2a7ea

SHA256
769d9154078896b4a76c1bf1bd1a7612a04639c1c61c86f3f4314dfc058af3a5

SHA512
7b5ffd0b6bd637cf72d1b67201330f3e60bc22841927f58ea814dac9200099db1d0922ea6173538d22e5e7503dcd2e9a13262f14cf4ea9b4ae8100c2e5d642ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
db1abf1cc22ddc4e988f8e290da81989

SHA1
e7eeef8383b944774e145fe22271fd73fbca470c

SHA256
f9b99e10592c311a8e5304c90d2602c7cc42e0a204c5add32fea908ce68ba42c

SHA512
e53b5094cac1666db6437f285247d74ff6d9c28b2f0dc125592b4c629d7b5bf807eaeb94463219940823679fa766c969e5561c25481aa0825204334659bfed52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
0cae6111852c63ca30add4f049bf6ad1

SHA1
7cb4e60bb6e1c3f6a16fe62a3d48a4fa45aa1e1d

SHA256
8a7e884c4d1e1c6839fce85d3d5aee25cdf1c21ce7d86da31712e43eb5a800ba

SHA512
fc6c926986ec3842cfc5bd232717d1c65783370e88b2cbbebf876c6581886330288d42b4d86e4ad6950bfd1b69ed01137e8f52b86976808cc9f353abb50cbe09

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
f3db73ba7af1e2a452777ee5c781d1cf

SHA1
3a748108b38bb98b993fa892f399de5ec8a82476

SHA256
e86193b9217d3dd351bb880f3baad3bb2082ccce6a8b5c93305d5e343aaa34ca

SHA512
26412dd835d1359056af7a25031f63678fbd13f8936ec712e0bfa5391f61ef8df505c34e95e9ab677e55b699acab2f8f7b5a4275622a37748aa59c183bd86237

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
238aec5257788d55c02c3108592d90a8

SHA1
65d40d035996e816f29bfe59cbc0aa1f1b1f3f4f

SHA256
7843f5592b15bf711462bc83f4175ee8946fe44a6318d10e362f38da84264cad

SHA512
ccbd5e123b08f833988b984fdcfc15e93acdd3b8dba0ee5d771a02b720e667a3544e720c6273f07c2b159e7e1d68dcafef5b0600f9501f431f72d73584dd7e9b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_gamesnacks.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
759B

MD5
18f3ac529ed34d951dcf3d93212bfab1

SHA1
f07051d9dfc9e6a33420e54ddb0fe291b536c463

SHA256
4b8cb15e859db9dec342aaca13029cfb02d360e65b2a4a94c6bfa3541b508e36

SHA512
0e2fe456c12d558bfb17a27f24d20aecf3daa6f3b21b8f4661e387bd5dead03bb12615823e98e2b8227cc0231807f256ac78cf8b40b28cf01c338ff7900976bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
7KB

MD5
415a92ca30deee8611a85037b0b8cf74

SHA1
dff5b76860f3cf0f5565355c835f0c0b98e2551d

SHA256
845c2a83d8ebebba6916a1c67888bd0a3f1dc7a82f79f79f53172b27ef6ffdef

SHA512
c3f88440b63a8015fb005f7f454339114fa74032c15d21fc85674d45141ec9cea442136214c5685edc800faa8488dbf64c516ccffbd4072be2ea236d00c31d98

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
fbb5e9cfc09fea5fb1c828c99352ec70

SHA1
ca40be64775092f64c2356b0825c862088b0b877

SHA256
75d2e75a5f38844ae74c50a3a283107c04bc7a6660c475bae94a55263edfc87b

SHA512
63cfa6f9da633762557dd4fd0ed2df90e2d61424bce922637b4dcfab428b3aac5034813cd391c8ec1b237d64a27ed8fa1f7016633f7d660abb72cfc5de0ec691

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
1a3dfa0f98ed2de7ecf86cfd54edd7ff

SHA1
d9721554527ca145a6c89cfc8fcc55f63227a0fc

SHA256
57d413dc4720707a2347b5e6eaf6834b824cb4d48ebd514ff72be6612fcb7a96

SHA512
1677d9ad9dc4542c37d4946bcf7ced93d0b4f85ca8e111e1a79f05a18a772deb93cd09aad2883a2c5496d61e340cf8a66c1e440d404e239bc18fa39445226f95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
13KB

MD5
0718c5f64fc7fff10c9a6775a6dc5d7e

SHA1
36dffd3aae7f46e2c03e3267cf9c40f7a4ea058c

SHA256
0c81277f1b129652693d8c244da3efa0caffd2bad8838deb2408a432a1dac7ed

SHA512
ed4d1866baf6f06915ed4645e674704b45190e3ae430657bece0764625ecc40c7b9b853c00a9a2b131f95f5f05d273f4b3ba04c2cb90be324d26a3289427d7c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
8ff0bfd695666f6fe44231bd4d24ff36

SHA1
c53677a94840246088c8ca1b1a53f69a03c056a0

SHA256
1591d9da1d4cde29d023ab8e0466b94673a66cb73a6d30b502705103190e66f9

SHA512
21cd0858d83b3626317cb6e33f46d46b7aa7dc3868a125e228abc99c9af55e4550f68a99c5d46769dd488c5469e684c01053f4ede6bfec9b7088e6245b1227c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
6KB

MD5
69eb15787ccbad3155ce324d185e8a78

SHA1
c09b70ed67045fee1b3d9799831ae3509b9124e8

SHA256
228b4462c014711ce429de0414666c6b13551b6683c6aa37f8a9d2a97a471a33

SHA512
c2d22d3f89cbe69c53b51992b2fd8d9a24c75db9d05a3fe3bf646d331d2a29e85bf970ee57444a72f669762495c4acce26b763c917ce817eace0c78611784dbe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b17b5f3d0e11f4910348dddfb702f475

SHA1
76bcd9206b5d6562b7c7387399d9697cfa48b0bf

SHA256
d04fecf4e27a6029396df9d8da498a433494eb6b3e25a5ac109edb9a88ab5131

SHA512
2f471c46478413e83a76d09217017cfe30877c0de03449f0ce5d598e5c1911989e822b1fbb2279d71c6b1c61e4ef4469fc8a71a80b59612177ecafd58b1bef18

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
769747cf9de274419c8e6b0c5ced2570

SHA1
61c84b27908fa87c265cdcc5db3ed17461bcd13c

SHA256
8222671dd162ad6a9bcf6aa13828d5b3641bf30001bdce288e3b2fc1d7a26c2a

SHA512
0dbe73e3f796555a71d5124522762fdbffb2c44e1df0c8cae2a6e631818a18f46fbceaf011b17773cd5d707da5c7e5062274b76bad7b5e390cbee7c7d3268e9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8466eaf187d4c732b008e624c03e7e60

SHA1
969adddea3aba0a3b174eb36e168a149800613a6

SHA256
032dc02dc8da73223f429aeb7c87022e2c0aa388f88af50aec973a56ae02d968

SHA512
e281d3e97b13379307989dec8ab6b40c70df44df18a472df3e028519ef8adb73e9aa435f0d08be5633a8402a2f23856f08754a178b9e6f6e62ffc9560800bb14

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d084438345ec69e4a41c7fba8efd5676

SHA1
1fb9a9e2809037904687419603e63682f52b5035

SHA256
c5175c9eec5e0be8ecb95f4ff7cf84f9c82cc5a6fd6626dc7443e0e896a05e4b

SHA512
7b316f1ffd91982f5aa088d945b24c8e8e0a9e32f1011b75bee7d61016d9ed2003373e3b4011827c2c0d1fb1c155b23de532f42937cb42e89f6e8d62819045fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
4e12c535c2a8f944293eae9f085a3abf

SHA1
e7073295ff6774c2ca5405b1c32569bec7035bf8

SHA256
1d1a807e6778714d5fd1975246cf1ddc916a627922f8b2679e03e363fbe10b83

SHA512
4ea43518105e0de9505e6f1b05c8f4e09e5359c1db7ec5ab7470370b7099612745a0d14bcc5e2e8a1ce0fa3bb77139d6ecc20a81f1403e6045801177c64a8405

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
ddf6290fdf80fab154b6f0a5b06eb8f8

SHA1
f417a0e48f40ecd448d7d077b5270fab2ed07e46

SHA256
3bec9cd69df31784f35a0bf16ef7ffb9ff9fbd7730dd157224f013ce2211a08a

SHA512
cf628025ee19ae2fe2433b8d77bbe2556bb46139ecf7581ad5ab57f9fdeb0fa30bc1da6b433c75f31f4679d409547b49e83500dd5118f076bbd99eb1cb805e3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
ea23bdded83bb771db65324a1f47eb62

SHA1
667e7755839ea9648a72fe48c05bdef8d808741f

SHA256
72246dc9ba893d38b3dca32aac3fa6f734b57cc8a862676d77bb71d32b30393d

SHA512
9d82c9aedd2e067ba254ade95ffa3f57c023266da67c7d3f11ade6c5b93f8bab292860b012f25004d4de2323fe385288d4e643e73f92b20a064e4fc97c6a229b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
21f576856c5f132d0f4054c1f0eeedeb

SHA1
ee22057211c0da45435f6890aa5154c0af71c939

SHA256
8a7bebf29ded4114b20fbec97d80bc99996aba901b899ff1005f14781209a0c9

SHA512
5b31af641c866f31f6419ace5c82539a04437c29a08fb254e30c939bf033faeed6fbf65f0ba99d5f8cc254cf593fc08e5cda1b04069f60a54569dca579b84897

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
09b3f8b1581d271336a54f4ce075d533

SHA1
0fbc93942040389cadb08bcef40a76a0d218d2cb

SHA256
14701a589f0c80cb99cc40a97f1382ff8cb1b505720ad93b6f9883fa73281d11

SHA512
9a51f67b4d76713ad2cafc3180d812cf0e8636ffdff0d717ba6ea52624311a880eb84495004f328380a30129f161625fdae073ee1803f78105b2038939520fad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
399ce40bab8c7e93a588b0688232ffca

SHA1
fe6ef156295ec8e15abed86540e323fee901bb16

SHA256
b0b8010e607ef74d73f105c7bfe43d3175bcc6d835999eb632ae81d731950845

SHA512
b9b3122412d0143ae5af06d8d74e173d97d0b4ca23f001cc9c7324c364f197571fa23bb6740b5509b07adb30f3df8f4ca29897c65b308464fe88471d97e3208e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
7948befb642c0dd2ba1560c158a77f82

SHA1
ddf56070af73a525f67d0a29a4feef62b459cdf4

SHA256
9266c67cbb39d6d717040060d491d4519872064134da68841021a914abc894ea

SHA512
7323e63fd8c2ecc6528f46e9d0bb7839b714e4a2f8bf76b78fdf90cc6fe87959436be600764dd841a7bb311b1c695f02f111e3eb9c76c1402f33441f79186f2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f0d4805890ddeecf174ad30c39195efa

SHA1
65ee7ad5de31ad971b340d05ea3df2db5ed5d78b

SHA256
cf0e89caed0fadc74e87d3ccfe10a0744d40aca9c1ccb3fc3c125e434959d3d3

SHA512
979933cde8a1692dead3de50d7c1f5a9fb844b7d398908b017e3f7deecd3f1776abd85a6264b9019ce6ab3cac37a61a766e2471470413ed87cbd5eae7d9d87cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
8d045ae8a2dacdfb47ce786c7a9d1a14

SHA1
3e9300c854204f1e23a82372b2e3f4e2e16e1f1b

SHA256
2a3ed3f9b0c99304874742fb8aa9470d2d877cd4a0d99bcdbf5aae895cdcb391

SHA512
0d9aea6378706a92915be186289bf7f0e9051162464526bb0bb686f3882d5c52f0f0fe4de1144efe6a2cb1870791fbb063d861206e522c961a0877880438922f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
1e32c1a5635f1cf7901b402632a30695

SHA1
e8df79292612afe0a7aa82e5422b44941fd1ab19

SHA256
fb3be76928656a09dbae29a8cfb56b9e23ecfc67a9e488debb74d174fb93d217

SHA512
d41f6aabeccbc097ded735ed832153853b73bcc7cc36357423eea95b0cc4255eeb993fbef779ae87f0f7220e720050bab1bd1b2138edf3bb65c6a0b631110cb6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
86257f96f05d23333c73671fed893596

SHA1
2b009bf8d89954d0e37132a4f57fd3ddeef95855

SHA256
9832f9dc7a91b92882e1f53f9a6a7afcf7126dc53419d7f572990b29f7445184

SHA512
b96523236100c5db090f290e107d4ab6eaa8e0ee9e03206fe0de63d8929f3d9f3a261c6cb90881c193d5624abe12a0266d15ff21a01f7a545611c917c03bd4a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
17ff9cfe67430db88fbb0abd8617f373

SHA1
7ac4af3cdeecb82274a31b1e1687ba73ee4814ae

SHA256
3afd1dbb91886cfaf52c3535c27907a77c09911a5b33bac9ce94bd68e320bdba

SHA512
b92dbce3df3980144d626b085a401c057eabd19b6fd16fa230ff696266af931858a14bc2c3b2979329b0ed4899145d33ea5ff21a26e34314189160dfff2d62c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
13KB

MD5
ace78cea8166672f993dfe8ef23978e8

SHA1
e2c4058962bd0f3c385239a08ebeaaa88ff8342a

SHA256
f263368d0418d17a0bcb84e1832b64bb270fc47ed674f40f1c5084b24789015d

SHA512
5f526bc7ec379822216facad38b750febeefc6e274414c4307d7aed1b7e37d28b154222e617f7b9563b7af5fea632da0e8ae56c01fbdd3b6f7c2c50a28ef1b4c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
0adb7f94dbc5ca357c26d75f2c03bc67

SHA1
5d31f58e8d398dbcf2971e9a771f32001093efe9

SHA256
471f0eccbaf01db01f7dc3a95c4bfa86a349b5f960a04a1ac62dc40d42e9236a

SHA512
71093453734b74634bd1cbe9e0604965c485890ff8ea279eb5693bb70a16a5fc5a803215aa04d67799e03290f9ca53d8e7f3b17be2c08b65e7c8c926d733dcdd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
59a07582a9c0a47d56e66d4f59d93387

SHA1
9d8e772a6ccae40ecb6445860c89b161f7c9177d

SHA256
b26fdfbaf41445f1c4e9421ddd5b5cab6aa62972402fdad417b09fdff2574684

SHA512
2e0ddf36b8cc1b9b37dd21488479e8f9397a0a9cf76b1a056dd34969e32010d625288e03d1778ad3f8deda30734a522a694fd9cd2583c51dc0317dab4a4db1e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2a82627bf5ff4d54e4ede62eb985c219b553d3a8\50344cff-8155-4799-9422-15a4a0186f82\index-dir\the-real-index

Filesize
72B

MD5
d5557d91be42588972e0a02ac0f6cfda

SHA1
2e7d14541b0aadbda70196d91badafb07c5fa6a6

SHA256
2ddea27f22b843591b36089a8842913577401759c52db220b22738baf0185241

SHA512
5f757cc347510a005b74de633ca511810da757000e5a3c1ebcd2272f0b70ef6044d9392e9dbc3de0b7425eecf9a11ea88452ab0a4a750268f943d7a4cc116b0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2a82627bf5ff4d54e4ede62eb985c219b553d3a8\50344cff-8155-4799-9422-15a4a0186f82\index-dir\the-real-index~RFe6682c3.TMP

Filesize
48B

MD5
3a0a893c6c758e3048e8763ca64a1754

SHA1
0cfd1c3bdc6359263536a81ebcfbf057f05c0bad

SHA256
dd1d177e4514388fdfdec431a38d7adad382479483c5549339af002474327cbd

SHA512
2f5a0b12194df02edb34ba5474a184b9e40254fc9f3ea8749a1cf751318600ce189fa3ec359227e8c32654d856576651a5637741e6c7aadc19d4cd17bb79050b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2a82627bf5ff4d54e4ede62eb985c219b553d3a8\index.txt

Filesize
90B

MD5
c25d6c79fa0bfb7632ab2c22e7d45d9e

SHA1
d14e1edd3bff13fe79989a83bea65c734e068640

SHA256
46bef00fe492679f12315b39c0e9fbb5e35b6f1bd15353e47654bd41dacd4a57

SHA512
1836fb6bd268f2502e1cf1e74baaacbb4e187cf94d2c25cbb9c6b26d58958324c0c5facece2dde781cd4c175c887c86b99d5cf37841df262881308bd3786f268

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2a82627bf5ff4d54e4ede62eb985c219b553d3a8\index.txt~RFe6682f2.TMP

Filesize
96B

MD5
8c4146d66762e444b42a5ccedff37568

SHA1
5546d4990cc71c06d2771475c05845be337a8c7c

SHA256
d02bed941352950f49add3b50863241a214d44b5d1f1329d874c6c2ab5a7e79a

SHA512
70b056c3fe2c1872d9ee6aeb2f7f8f2fd42a168c9547742d94aaa659ad472a02521e1bf2dec5b3019b9743e8b99f5197b09621da68986ac21b129292e3f81c57

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\24a2a822-101f-485a-bf2c-9b104fa1c021\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\24a2a822-101f-485a-bf2c-9b104fa1c021\index-dir\the-real-index

Filesize
72B

MD5
66067f41e769067682ccbfd189a955c6

SHA1
e7abb640ac15f33853ea6092df02c39b61ff2a54

SHA256
e900801d8edca6914b20150aace5883bffe011cdcdd624c7cb5d0cf01729a6c1

SHA512
4585dafd099c0c5f51e85b830a580d16174c4dcf55cf84731dc6256dbd725088eec5e2cdfe1aab7c5cc1d71467523f4026887bafe2f3186c8664c5838b713630

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\index.txt

Filesize
160B

MD5
e054ceb77e4ddbf0df7a349088575e55

SHA1
3c39527a76e9f69971485d6f422d76382a6f7173

SHA256
b3785d5334b6c3f0e59de18351febe4eb808dc926bbd015a62bb1cb3014eec6c

SHA512
dbe93803a4e72e7a302f7b369f1ff419fae7275a4c7b2ec04a737fdeddc736e6ffeebf9f75bd61e3dcdf20411d2ded8e2b425e0e3b080cbf99b28800b7d93b87

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\index.txt

Filesize
153B

MD5
5bcfbce89ec6546dd7c43fcad143539a

SHA1
766ad92ead7ee8077a2c0e99ae931c834f501706

SHA256
8d4fec2ec6ad61b14bc048c66b5c30e3ac503d6e365fa45aef816296589d2fc9

SHA512
88374f09994e8be550acf153deea8b8019e49901742f2135064ce6d995d97e46653f3eb797489dce11c79cc2ea846a3df2e06849084ef9bd3a71a428b784f537

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\index.txt

Filesize
155B

MD5
4394312d1fc8e2708fd4e685ad881b73

SHA1
a711e2db76066d1ab171fd1079b5c14533795e69

SHA256
4a4a70f3788763d591b277e64526ba33b035385ece339e0c17ba7a96366f38dc

SHA512
188fc97ad5e3a7e0a66d16a2d8cdbe84287bba8828b12b6da99a35a6a524f3b71bb0002aad019acfb2b5baee0dc8ee3a403896f44af52ce7e7f93a05758685f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\index.txt~RFe5a4b81.TMP

Filesize
94B

MD5
3ed59f580806157bac4b10d559ae035a

SHA1
c9f16d6bca3f2a0886667461c50a8ac92d2a4b24

SHA256
1f75cb84bb1257dba163e4568073b55f1db46cdd97261d2b3a1dbd1315dc61fa

SHA512
2364a8f1c8a35045e59f24e8ca8e14ad3891a2ad1c73deb359a3defe9355ec7671ef7d2b243b137caba81d33dcfb864569c36e997aef057a49393f872986ccdd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
914da3bfe473186c36d842e567b4529e

SHA1
3af352451223607012c9f61a84101a29afdbe1c7

SHA256
231057f6e97c65629d70c2118b43827b8786980092215d5602ffc23d5cacd9d1

SHA512
cc0855f11360eb1afd701779a078aba1e5fcf56354875d2092479b6c046dab6fef2a17862ec11bb19016f0411b7b0a676d3019d3c89401c3d2e774b9f394e1dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe64aaf6.TMP

Filesize
48B

MD5
45fca91fa792eb753aa998c9871b49c6

SHA1
7eae8fc8581347feb647d0d9cc0f34c156493b4b

SHA256
9f141ce0fa9e68b740030bc2f4838e83b94655ffead93931ef3989da4b66f45c

SHA512
0373d4334f3e71b4003a7ad2fd7b2c3bc0c7ffc8f5e11d1fd5a376870a0377514e601c2a88be03dc41d27c6f8e778691fd890ddf908356aee3ff6bbeb4aaa7ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
1b58b783e2c4ad354705acbe137b6db1

SHA1
4360d91e4a4d10c154089a6c9fc37731c9d8702d

SHA256
46d392b40bcbe3a72e5556dafe88e6980e525b4e2413a4d97a2ef25bd8920768

SHA512
83f75171aea4b0b4311b805a974ecfdb8926c0cf5f4be94179d631e5b9f44c3fd1632559a01cc659a162b1400d2e3753e9e0bbd6df39f2ac313ebf8aaf093634

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
c4f8c2bede6a301df593e11884f75f54

SHA1
2cfbf0a668dd04caeb92a668147568583f1f17db

SHA256
f3a3c6b1607356978e7c4518ba4bc46c278fa07956105d1e55aa249ea3a15cde

SHA512
9d4d098d6a59728042d6c410f408233462148841c413ac66320beec2cd84d52bc9cfa62c93464bc6ded577fb35f8bc1422ef0609028b726134225ac62f5a4b03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
229668a846f8eee11c0ad149df92c5cb

SHA1
3a478859e60b9134a38c71a04e38537f82d2011f

SHA256
14131072d31928e52f9e4a7f0c87d3d7509d7b02f031e3c44ad0bac9d4e081c6

SHA512
b8ad55835951e7a1ab747dcdf8562ef0c2b83682e67106e703fdfccfbc261704d2a1f6d9f2c05435d5a54e0ad545871742402e86f5b1869bbe40164fcad0c78f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
5de235d3aca656d9f058458442e9b2e0

SHA1
dde9ee1f334665e96648e720aac674bab46a56f7

SHA256
bb2f28742bb0eb2b5f81a33b28576b8b0512c082a7bf522af2af2a41c88be6d9

SHA512
76368a29e648e8c419dcbb93300c5142ab8cbcc31d569579f3269276c2656e868ed20bb0c9394f0884011cb305453abb7bd5bd08167caa52551d38957177e0ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
6bb7e3b27b93880c4ff94415bd015a35

SHA1
8beb5e69d26213b4031a866a297d0654ad96ca7e

SHA256
d633d078d4b6ccb487894f507cfbf5b8b3beaeb1f5a4c6ce603747c31b9b58e5

SHA512
658be9be7080ea860dbbb37e171f3ffef4830d3954e11360734a200137323d053132ab470bd0447e24dc65f6b629417cd0883a1514d0327e621e7d42a634e83a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
a03367064aee8c19a99b976c780dc9e0

SHA1
11f149325b0791cd6161e541f9c62b2e49d8e081

SHA256
3c885973718b8bfd0d9af14df0ddd275660f7932a464ec0821d449317e1db715

SHA512
ed87a7ee5091f5b83e9fc699def9879ed47fa7154de1739db0463eb0ba92a451b82ca74a38619f7789f30cacfe1194590abf55495ba0271b8ab560489e96468a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
1b15d0e48ad1dc17a69ca65f869432a9

SHA1
2bbefb4768ee50a145f54ccdecb0aa7725fb4881

SHA256
865f12d0682d4a98e17bb96f578be2fa8700b87a6e01e8dcff5af2ddac0baa38

SHA512
d14937f8d97c51843a297b9d0802cae36c5defda75ec35afa78a461da8259f74ea591397c468acdb1914e1c743433bebd4e877e0883a9e0eb55d8c4def60da56

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
a5adf9304439395938c0fe4e5bcf4935

SHA1
34abc154723b7833d8f779322bf54e6d8c280791

SHA256
0de2de73ed69cb6324a9059925c670dec22a01a425327a9dc96c3f6637ee8d79

SHA512
abe0c73db12758c0889d2ad9a489d71d0e53d346691c03fd54efad067df66b8c4c5cbd9df197c0a0697b5e52abfe77fbae98d62a1dc522cc02beb03fbfc164ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
785f0da2c3a6531a3fdb90ef8cf2ae35

SHA1
465090c4c7fb0544fd03de39fe7f5cbf99412e4d

SHA256
881b05249880a9d03a650c2c7e0fa7dc2500a6e9dcbb553aab6fd3cfcc0b6db9

SHA512
ba8dfca22cdbd8f658c0fbd048ab7a187d683ab3bbeaa7a8cc4e26c5e7d40ca79cc007d74dfc61edf58fa6df46f6f7e2f229564583f6ff8da3d315469e9e557a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
a2e8cc1e1b8fa6267d6e3f17a1a003f7

SHA1
28ded1d65b7d7ca31e98e85b110c46b43313a949

SHA256
20a9fc2697b8e70f8187fce3216c7db344df9e190d33c77a3fb930e01a28030d

SHA512
b3d146d7d6cafb211c50c9babbc38dfac28e42f60a1e6ce1d7888af4ab3e66c4db0b2455f11eff05d268ebe915b709c89a92817a8eb9724db0b834e2a3b097af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
57455e7f847502fe7112feb1ee9fedf0

SHA1
5f530dc8eb2838eca4bcc525993a76fcee084d46

SHA256
ddb64afc2eb9b2cf22f70412477bdbbe488812b456c8ad0df1303f99190fe230

SHA512
477a2b00d69c0ecd5a6e25fe190ba4067f77bd9f51fde50131c9f0b067360cfe1d04d8931e8f66a3148dd053778c7ce4711b9e94f856c8de5c4c107a875fa410

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
e2e239f443290c462438fbc9b75a3c1d

SHA1
7fd593f70fc587918317613bcbcaab848920a280

SHA256
18193a66ee4bd78b73ec7c8b982eb93e5315378133164f4a37a82178bb12e974

SHA512
6e1e605c5d3f3beceea680a839399c7125907a59ec9f5273796d999e56f784cc1fdbc664374cf8317faa37dc2006457c68e7b8c0667a7368279eb5eeeb30ca61

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
057ad5820a19845c709cd2e96f37cd7d

SHA1
f3a8ce81dc771dcea615d9d910c9ee2927830df8

SHA256
02eea6e67b06b305d37f9673a7d32b8442d6c1a431bc8ce0f1120fb42e28eac4

SHA512
2c6cf4b1c3806aa1fd018b0e33428d49a32613b47c71c010212098edcc4dc0bc9da5bd3bc19f27fe049d5659877551ea23d109d4c5526fa856a9bdef5da04249

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
059329930f5a44c911ce5ed67cba2d5c

SHA1
d922f73d3afb44c8f8e229b75445b51069cf06a9

SHA256
232c6bb4ca20ba282e5f6cfe0cf18c72e7ecc00894aa8de9a1f657e1dbb7a1c8

SHA512
058a015af0f45157fde27a2c83397611ecdbea303c44448b8e97f8e8cf3a495a66c9dcc7dd432db5a8782578545851dceb729de6b498eb77b878e1aa82042e80

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
6ccda5094b152e92ab3f096f69fa51f6

SHA1
8d126da1f8ae01eb0415b952d27ed3fe077d3cba

SHA256
3d8b9cd6df822a22d901a56d21d48dd6dad504b5d8f7bc47b3d61d4f27fe8e88

SHA512
d27b09d9b1f4952643e12c0928da468adbeaa43431dfcf1eda3023ee52d2b3a1ed489645513eb022ae0d03fd35c6b3de01ccd19162207fcec6d905e55ccb5222

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
855f6a6d3408a16a91d31427376730c1

SHA1
76e77335f46f964a8e12242fae020658e11e4831

SHA256
7a45e7a6e0bc7bf7605f9356e2af7cf68a821c7c4fed1513ecdaa75b0720b8a1

SHA512
beb0399628a4305db5c6e8f28f76d174e171615b7fd0a37a7a1580918e599acdbd15d402ff008979b6dbcb18619026f745d5823e7321fb2b88af58f1e4aabb1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
c5b916f72e9a4e2716160de9a7719406

SHA1
d74bfe7c8f86116c40e877f531f96fcfb18ee143

SHA256
b894d2005cfdf74feb4764414c6a83fadcc03f0ba8ce40b939b3580c25e86e51

SHA512
559e42a772f2bf669fe887593c38fb57fdd5bb7cba9dbfbee392aaaf73d7398634604c8f7edce86e605872bfc47677f307f934ae2c957b5d7edcba6aa29967cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
218edbd23a9cdad9472a3bdd7940e8a6

SHA1
9b75f6321191eade88f23a782d30daacd4d1c191

SHA256
c4f5f08990cc69fb38a806625857ff73aabf7fd4f641b26f1e22807ebc6c67d9

SHA512
ae1c5284976ac58c039346ef5847aaf246ad07e115c21e5a91c5489aabaa67f9dc68efaed217ec565a475eb4bd815e3c26d9b9831e2a8957d1d4897901f08500

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
00109d953686636d27cfafba18df733b

SHA1
f4fd7a598e3ca887aa8980ea56566fbf4ced23f6

SHA256
d33c358dbdb49df5483d5912d46eaeba075e0e815a638877901a632f4b1c71b7

SHA512
0cfe1614b5d232888f5f847a7787ae1d68fc2ac96201220ea6f0bef59b251b3ef8ae9784583c2d667a725bcbdf369ca56364a08e8a6c3e206a3c4a713c5dc35d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
d4e4c1429e541c8eb4e6b99baa4b1734

SHA1
c7793ad8cbeafe65c0d7c620b80087b2960f3c97

SHA256
22b71ced4fda90d1b0897eba7485f8d893bca66d77c8a479b3876df73854de6a

SHA512
cff1bd065d701fc24c46fa721a038db6bd71a50cd2aa4c8e72901a80f90dc8dfacb6a9313abd5657d59beea2c29cc90b44549ec77e2d80ed73d8f7876f1261e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5812a8.TMP

Filesize
1KB

MD5
9768e6159be482f80a25b9e8ab50072b

SHA1
f2809ab3843798411149cedcdb3666f715ab4a1a

SHA256
32a3a37a092aca754fdf864405d5dd4207de0ce7f47f29ca6e05784d7f7d1e41

SHA512
3104110e768307a79c6eeac3c63e137ea5bdcc5e28183731527b786f02dc5a23c27f9a4e21f97a3c3dc488a5c91384d05d14ec0e36f155e966053ad75ace371e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
5d7415e3ce021a0d7be8975076ad7425

SHA1
f57828e31e8f048141d9930e271ca9253e7f72ee

SHA256
00a917ab75e302314e95de3758d9c4448311c7a0ed4b00879aded08be6eedbc0

SHA512
b80474340a82a030bac0f6c57cb08e13e58a46fc6ffe669f613d10022a8ae5aeee2af2c89111b9c721e8f8581b3c37e5086f1674cb909c0dbafa29461f342c61

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
17c050afc6953d76b5f77005b0291ef6

SHA1
f75397a81ea51fd0e9d393ddb1d9a399afbecde2

SHA256
a4f115b61ecfe981bc25ad53d33d9d05573831b8c59680e27746709cc9dbaec1

SHA512
66c20661405dce38377cdab9f147d385e66e61a5303a4dd1dea7e458046d71b458328c320942c373235e13136a937ed2692996ede0b99a46654da076d8e632ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
ce78109c082f8767c9e50ed73d9f1d90

SHA1
0a18c9a0d00533c30837cd8ab35dd878d1179ba8

SHA256
d5365a76294dfba3e61fc62a59f3f270e644934090dadf420c243c5f06b3723b

SHA512
055ed54bf4b6e084c4e88e2d63698cbce0cfc9db668be83f17cee1b859c268fc239bfbdfabb05a4bb4767423eeb0c3f32e15bf016c8c6b6ca30b8e1d230f97cb

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
6204fef6b66794534d30e0ed3bdcef3c

SHA1
98bbe9f6c5d6753bb08bd2c253330754121a79a7

SHA256
4fc417e0e1a191d36340a5537539a2c02bee77cd0a2bd833fb5782cd797b00da

SHA512
e6cbbc1be5ac1892d3b0856a2b735f86cb05e0f421cd36122d04ba47c0016802b0998fb3c052f718c369f498439ab71e33b7b2d0405b35d924cd0c6daff1834a

Download Submit
memory/5520-2611-0x0000021FD73C0000-0x0000021FD73C1000-memory.dmp

Filesize
4KB

Download
memory/5520-2610-0x0000021FD72B0000-0x0000021FD72B1000-memory.dmp

Filesize
4KB

Download
memory/5520-2591-0x0000021FCEF40000-0x0000021FCEF50000-memory.dmp

Filesize
64KB

Download
memory/5520-2575-0x0000021FCEE40000-0x0000021FCEE50000-memory.dmp

Filesize
64KB

Download
memory/5520-2609-0x0000021FD72B0000-0x0000021FD72B1000-memory.dmp

Filesize
4KB

Download
memory/5520-2607-0x0000021FD7280000-0x0000021FD7281000-memory.dmp

Filesize
4KB

Download