discordrat | 1791515f3ef9b72fd524aa0435730f1ca8324ec37950cfcb682f020763a95bb3

Analysis

max time kernel
782s
max time network
783s
platform
windows10-2004_x64
resource
win10v2004-20241007-es
resource tags

arch:x64arch:x86image:win10v2004-20241007-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
06/12/2024, 18:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2K76GE.html
Size

7KB
MD5

1bd74c6737ed967cd581cad848a61f31
SHA1

268a245e076830af8445f01a18dd4ebfd546d3c3
SHA256

1791515f3ef9b72fd524aa0435730f1ca8324ec37950cfcb682f020763a95bb3
SHA512

4861c94bc7a6935e318be98bab3a76929a62b4eef2a592c3273021c86bfab85c35d2d4ad7cf53e4d3c3de6bede89e3604d330161f00ca2bd1db72039ea0c10c0
SSDEEP

96:PNybXaotqEb0EZ2W87IWd0k4xs/1Pf9zfAGgMn0a7g3X3Gs38PlTW1vNxYzueh8p:PN2x2Bd0fxOtolM/dK1lmytzN

Score

10^/10

discordrat discovery persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTMxNDY1NTM5MjQwMzU1NDM3NQ.Gb5Xwe.DB−LpfzZZCfPe6lgOGUiLRjtMvWNw3JkR_f408
server_id
1314654854823805009

Signatures

Discord RAT
A RAT written in C# using Discord as a C2.
stealer rootkit rat persistence discordrat
Discordrat family
discordrat

Executes dropped EXE 5 IoCs

pid	Process
5360	Client-built.exe
4496	Client-built.exe
4028	Client-built.exe
5816	Client-built.exe
232	Client-built.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	builder.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	builder.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings	OpenWith.exe

Suspicious behavior: EnumeratesProcesses 14 IoCs

pid	Process
4832	msedge.exe
4832	msedge.exe
3828	msedge.exe
3828	msedge.exe
468	identity_helper.exe
468	identity_helper.exe
1564	msedge.exe
1564	msedge.exe
5556	msedge.exe
5556	msedge.exe
5556	msedge.exe
5556	msedge.exe
4856	msedge.exe
4856	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 30 IoCs

pid	Process
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe

Suspicious use of AdjustPrivilegeToken 10 IoCs

description	pid	Process
Token: SeDebugPrivilege	5360	Client-built.exe
Token: SeDebugPrivilege	4496	Client-built.exe
Token: SeDebugPrivilege	4088	Discord rat.exe
Token: SeDebugPrivilege	4056	Discord rat.exe
Token: SeDebugPrivilege	1312	Discord rat.exe
Token: SeDebugPrivilege	4988	Discord rat.exe
Token: SeDebugPrivilege	4028	Client-built.exe
Token: SeDebugPrivilege	5816	Client-built.exe
Token: SeDebugPrivilege	232	Client-built.exe
Token: SeDebugPrivilege	1608	Discord rat.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe
3828	msedge.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
5032	OpenWith.exe
5168	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3828 wrote to memory of 1380	3828	msedge.exe	84
PID 3828 wrote to memory of 1380	3828	msedge.exe	84
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 2408	3828	msedge.exe	85
PID 3828 wrote to memory of 4832	3828	msedge.exe	86
PID 3828 wrote to memory of 4832	3828	msedge.exe	86
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87
PID 3828 wrote to memory of 4848	3828	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\2K76GE.html
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff91fe846f8,0x7ff91fe84708,0x7ff91fe84718
  2⤵
  PID:1380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:2
  2⤵
  PID:2408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=2312 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --service-sandbox-type=utility --mojo-platform-channel-handle=2816 /prefetch:8
  2⤵
  PID:4848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:1396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:3040
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=4948 /prefetch:8
  2⤵
  PID:4380
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=4948 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
  2⤵
  PID:1404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
  2⤵
  PID:3396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
  2⤵
  PID:3180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
  2⤵
  PID:2176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
  2⤵
  PID:3728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
  2⤵
  PID:1044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1
  2⤵
  PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --service-sandbox-type=collections --mojo-platform-channel-handle=3356 /prefetch:8
  2⤵
  PID:3864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
  2⤵
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=5916 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6452 /prefetch:1
  2⤵
  PID:1776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
  2⤵
  PID:1052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
  2⤵
  PID:4324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6280 /prefetch:1
  2⤵
  PID:4140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1932 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
  2⤵
  PID:1844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6572 /prefetch:1
  2⤵
  PID:2720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1152 /prefetch:1
  2⤵
  PID:2928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1
  2⤵
  PID:1704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
  2⤵
  PID:4148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6560 /prefetch:1
  2⤵
  PID:2804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4772 /prefetch:1
  2⤵
  PID:100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6612 /prefetch:1
  2⤵
  PID:1104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5544 /prefetch:1
  2⤵
  PID:3944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=932 /prefetch:1
  2⤵
  PID:5452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6856 /prefetch:1
  2⤵
  PID:2324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6752 /prefetch:1
  2⤵
  PID:1256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
  2⤵
  PID:5696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6588 /prefetch:1
  2⤵
  PID:5892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2168,3001829025544957305,11558880909851683563,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=6760 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4856

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3464

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1464

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1776

C:\Users\Admin\Downloads\release\builder.exe
"C:\Users\Admin\Downloads\release\builder.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:232

C:\Users\Admin\Downloads\release\Client-built.exe
"C:\Users\Admin\Downloads\release\Client-built.exe"
1⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:5360

C:\Users\Admin\Downloads\release\Client-built.exe
"C:\Users\Admin\Downloads\release\Client-built.exe"
1⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:4496

C:\Users\Admin\Downloads\release\Release\Discord rat.exe
"C:\Users\Admin\Downloads\release\Release\Discord rat.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4088

C:\Users\Admin\Downloads\release\Release\Discord rat.exe
"C:\Users\Admin\Downloads\release\Release\Discord rat.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4056

C:\Users\Admin\Downloads\release\Release\Discord rat.exe
"C:\Users\Admin\Downloads\release\Release\Discord rat.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1312

C:\Users\Admin\Downloads\release\Release\Discord rat.exe
"C:\Users\Admin\Downloads\release\Release\Discord rat.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4988

C:\Users\Admin\Downloads\release\builder.exe
"C:\Users\Admin\Downloads\release\builder.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:1428

C:\Users\Admin\Downloads\release\Client-built.exe
"C:\Users\Admin\Downloads\release\Client-built.exe"
1⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:4028

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:5032

C:\Users\Admin\Downloads\release\Client-built.exe
"C:\Users\Admin\Downloads\release\Client-built.exe"
1⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:5816

C:\Users\Admin\Downloads\release\Client-built.exe
"C:\Users\Admin\Downloads\release\Client-built.exe"
1⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:232

C:\Users\Admin\Downloads\release\Release\Discord rat.exe
"C:\Users\Admin\Downloads\release\Release\Discord rat.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1608

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:5168

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\builder.exe.log

Filesize
1KB

MD5
7ebe314bf617dc3e48b995a6c352740c

SHA1
538f643b7b30f9231a3035c448607f767527a870

SHA256
48178f884b8a4dd96e330b210b0530667d9473a7629fc6b4ad12b614bf438ee8

SHA512
0ba9d8f4244c15285e254d27b4bff7c49344ff845c48bc0bf0d8563072fab4d6f7a6abe6b6742e8375a08e9a3b3e5d5dc4937ab428dbe2dd8e62892fda04507e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bffcefacce25cd03f3d5c9446ddb903d

SHA1
8923f84aa86db316d2f5c122fe3874bbe26f3bab

SHA256
23e7cbbf64c81122c3cb30a0933c10a320e254447771737a326ce37a0694d405

SHA512
761dae5315b35ec0b2fe68019881397f5d2eadba3963aba79a89f8953a0cd705012d7faf3a204a5f36008926b9f614980e333351596b06ce7058d744345ce2e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d22073dea53e79d9b824f27ac5e9813e

SHA1
6d8a7281241248431a1571e6ddc55798b01fa961

SHA256
86713962c3bb287964678b148ee08ea83fb83483dff8be91c8a6085ca560b2a6

SHA512
97152091ee24b6e713b8ec8123cb62511f8a7e8a6c6c3f2f6727d0a60497be28814613b476009b853575d4931e5df950e28a41afbf6707cb672206f1219c4413

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\0d7043e8-19b3-42fa-8054-ec355de4d77f.tmp

Filesize
7KB

MD5
961cc7ee3cc10eb5ff647892f42f45d6

SHA1
f8e95407d4f22eac6abe7851c171b6f7cba4db52

SHA256
ff69325a1044508c1106263e63ebb2174b20745b3029362601345b229bdaa71a

SHA512
50e28765ccbe219434004d2596819ff84934d89e62a0159905729c41c1dad31ff409e64c68f7aa608fbf1c138bd582e787680db2a3cd046c0d0d5dd5a9bb952d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
67KB

MD5
27d9344de055e50044e074ec3b54231d

SHA1
d07ff356acb90c9d4fa1c1e3e48188b1a2eeaf8d

SHA256
d5c1eb2d4d0a13aa42ee68f03218ae01f420003f64f572b77cbff7d61edff388

SHA512
ad045b2f4e6d58e43de1e26a1d5c0a46d912b65caed68ac4bc07f0c26223c5a9927a74ccc8956e074ee74db6e7b05415f3baa3634a714f3048278982bcddf26a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
47KB

MD5
9f96d459817e54de2e5c9733a9bbb010

SHA1
afbadc759b65670865c10b31b34ca3c3e000cd31

SHA256
51b37ee622ba3e2210a8175ecd99d26d3a3a9e991368d0efbb705f21ff9ac609

SHA512
aa2514018ef2e39ebde92125f5cc6fb7f778f2ab3c35d4ec3a075578fda41a76dbd7239fe2ea61533fb3262c04739c6500d1497c006f511aa3142bb2696d2307

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
62KB

MD5
c813a1b87f1651d642cdcad5fca7a7d8

SHA1
0e6628997674a7dfbeb321b59a6e829d0c2f4478

SHA256
df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3

SHA512
af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
67KB

MD5
b275fa8d2d2d768231289d114f48e35f

SHA1
bb96003ff86bd9dedbd2976b1916d87ac6402073

SHA256
1b36ed5c122ad5b79b8cc8455e434ce481e2c0faab6a82726910e60807f178a1

SHA512
d28918346e3fda06cd1e1c5c43d81805b66188a83e8ffcab7c8b19fe695c9ca5e05c7b9808599966df3c4cd81e73728189a131789c94df93c5b2500ce8ec8811

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
25KB

MD5
e98f77c695876f1fb5be900b7746f30d

SHA1
d68be5c834fc18f8d1c2dc6131fc56dbe5d2e3eb

SHA256
70e3bde20af4c0241b47fe708e77c612b75eed67692179114c24fedcbd35e833

SHA512
dcfb3868b21dd8e177da9c92d042844b45e89902e4284fa582f10fb414253f0b7902f430a593ab936563eabc64aaf29fe6e2a7bd64d720f08f26ef9a3669b430

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\01f5557e07fe2ba4_0

Filesize
2KB

MD5
d0bdd43932e4336536ace02da79ae146

SHA1
f588d1e5328d74d7cd7fbb3de30be7c6e6573fe1

SHA256
83252b089a9fbe39ab22d1862295e7b6d3aca6c9b4f0aafe9884ea95b5a8813a

SHA512
02f66b64d2d6ab7cabf4da0f33b5f432675aa3e8271466eff3513d829c790528ff95b0733691d416ddb146f358bde4ac5f0e3ec727488807a663fb9c127e68c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\03e6097712bc033c_0

Filesize
13KB

MD5
475286de53c40b14278a7722e84853f9

SHA1
d1b86e673525d38531033a616cf7ecb54a405900

SHA256
24d10bbd38e846566be146725a01e5bb713606122989627faa83b83791505485

SHA512
8d2cdf274ded9d3948f8e911d94cf7762026adc9db1d86e6d4cc35dee544b2f44295af29a6aea9e26358cd3326d1877c84727beeae06dfec0f8b94c56cac225a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06a86b3c6c2498f4_0

Filesize
264B

MD5
6036e68b40e729dd7c2384b616884593

SHA1
284ed904f9d55a5f895c11a0ff0eaee3331edecb

SHA256
be94ae6503c00ac78d7526aa1aac8f388c1f596fcfa8bff24db96a2ef36f7844

SHA512
6cd24ce956a289efd2eb9a17f392d9941509af67c2625eb97610510762ffebe1649c13c7bcf51c9c5b33db72ba4915e5754f330740ac2421df24da7513ff7b9a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1300fb70aa1eacc8_0

Filesize
26KB

MD5
43ad775342e6ab91208b963ed5c07ef2

SHA1
77b2b02d4b8df2e7b17eae18a478f4ad9dd7aa0e

SHA256
f5a0450078d37e1b3956236084677ee565c9a3b9affed614a3e35de7ae4958d7

SHA512
1d3340e0593c90086de0c6174f79de497d02495bb47156879017d0da3ebeb806b174472619422fe1e587496bd8031cacaf250fc42e64de4ce97a348786a5ef31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2bc943a1790841f6_0

Filesize
5KB

MD5
51436dc72f0218e543426560e16ccfd4

SHA1
ab6604177565bce9d7e3fdc2b34a915bb43104c0

SHA256
23f3b1598368eaad84a27fbad7527d7c65b3b677c5112019ebea922fca19934e

SHA512
9cdd6322458beb8ab49cdc98fe806c1ca3e85f968b36092b4ac3f66092191f610c2b8c4b9a4905303692fbe9165285e02ca846948d8afcceaa02f3fba275a595

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\388a4688048890f4_0

Filesize
2KB

MD5
4adf42153ba5dfb3446ed9e7ee20195b

SHA1
527dba88d60b3eb9163b1a1946a3c43171f89304

SHA256
8c6f73d05cd2faf209143b0f5f69d0f02d684592568bd6761bf3baff3afa5727

SHA512
3d00953b4c3a5d91f76510b165127af05c28200369772dcb0d073e5d1bb4ecc3840ed7c0f5a0a21bfdc0ef85203b903681786a2a51cc8f6fdf519cd1fc8ebfa9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a66decbf00fbe59_0

Filesize
1KB

MD5
7e1ebcbf9d22296a9a377c7670bdc9db

SHA1
fa63997716e244e6d1aed024d8abaad6c2655dd4

SHA256
094b537f7bb39716aa6acf55cd7feed7028ad81762aee7e0d72cfc433abf3efb

SHA512
c116c9c443adfda1efae340a93de6f5ee5a519fa1a34dd12f1fc087fc2c930784385c884de37e0b43f97f235850ce547698ea14e9f9f02f4782248faf5e052e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\41036e68f56e9eff_0

Filesize
3KB

MD5
273dd4541b2091522256c528395912a3

SHA1
032a95f6d938bcca914a25bdcc175218ca81b2b7

SHA256
d2b827b033f1c1d1f4e21d784b33c8af6c21f0eb9a96f159468485ac7d829bad

SHA512
69bb5a36fc588ab94a97e55383e091e5fd3017f3e94b81cdec00bd21d978323ff8710d96089ec3b9eb22b0d40912f123f0e616570314a32b1b1583eb4c312fb6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\51a4a75e8f7bf8fc_0

Filesize
2KB

MD5
028449173a91166ce752c3855dbaab06

SHA1
0dabf3cb57bbb92af782306d011dd8420fa55dae

SHA256
46c32209813eeabcc8febc0412e54996ad7e4449fd8169d510ec02da7e99a2f7

SHA512
93539f117ed76edebb0fb79325c80e41e959135c2ddfe72f338ac05c286059e8983a76e0f6f8bbe9bfdf3ff14323ac9b757c29364a334a39ea49274ec23c998b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\57a850373a59ecc7_0

Filesize
60KB

MD5
17ee698f111e4cbe85598ec988aba14d

SHA1
9605493f52d350e5593c167227fc27bdd5e3715a

SHA256
2280893ad44ffa26a08b4af7e0a3447229f61f9ff1b17b05573393b09c4b2876

SHA512
fb7f1e4f113f5ba814ff2e249dd1051f6cda90437d50e4cd5cbade58520170ce967280a8af5c74f89d6119b1ec0792e3ec57ce719d069e73bb149573d19f73ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\594e48a0c5e9c6fc_0

Filesize
264B

MD5
0a7fe00fcd9c3def0e9aad7381fc2f04

SHA1
d7def6c0107172b8432f34e3fc9f4e65aec50ae9

SHA256
a148e01e213938ef316cf2a996ba8585ee1c9dff3f03d3a5a0cc5f1b0cc9297e

SHA512
7979795721cf1fcfee41bd68b7e40d673dcfef0ba709f916d665c7aebc5aec9f115718a3a41bc498656936a24a813850bd4a441e3f95383455fd6de79de4706d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b9841119c0b7491_0

Filesize
1KB

MD5
2349799e1ed170a064e0a424b1fa0be5

SHA1
70a5cce341646627d776f8b0972a9dc0b7f79371

SHA256
f7e717a555298ffdb089ac2dcff534375e20a987f2f876ceda12239c9df87988

SHA512
f53aec15d020da4f991c812917838a1358b4dda427a3061cd03888f2b92d72a547bcf924e025fb89b397366597a7d0bcb209208e306dbf0f649045b41d453eb9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5e22a39184d332a4_0

Filesize
22KB

MD5
cfcce012e51fb607e90753538f2bccc9

SHA1
740d725d9a0f1f94c87a05238a8828a25fab017b

SHA256
2db07ead31a6584719e190f2fede31f43a5512922fcbf04af525612ef94cd7ba

SHA512
beabb34c5d9ce1ebb36d1c725fdb9082b91a8202682cb74364f000a5d3eec7aad0d47fa4adbbb80e4b4b4c08c781a675bd0472d19274a6d17a1d63e2df8a8ab2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\65d7342ae7727388_0

Filesize
8KB

MD5
de1c66b998e9d769e1b6adc31dafe0bb

SHA1
a5ce844caf894ef12ff31a8b455b3d158c6d90b7

SHA256
659373c63580e3c19593ab27a10e8a19080f5d07ce00b257b4bd6dffd69bf631

SHA512
65eedd11b5917d82c2a581083a6fc160eca55d6572d968d0904fe970ebeb12d394e429f3b73d87eaf853f7a0b294ed02893fff95ecf0fe3bdbde46c4aae2bc49

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6fd8f253bc07d0bc_0

Filesize
110KB

MD5
e2e77c64b76f3153698f928d48dbb9f9

SHA1
d03794b49719100141d898a1a291d84e4df74512

SHA256
a2d8bb8ffaf0bd06efc337d76817f981f74180ccbd31fc7fccb204605feb8cbb

SHA512
5f43d6747bf92a55bbaeedea45b8bbe5570b7bdfccd333f401b3876f14c5296b8b1017908fdf041b0132186ecda87fd93b739096ad30652826e0f378dca7c93d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7983b4059db05078_0

Filesize
2KB

MD5
a82b05a0c79b377d6a23feae2aca3ccf

SHA1
e2fb6e3b2742bbbb203dfbdd7bd9d04ac658a2cf

SHA256
1e2ab5e1519acbc7bc9d7a5bf43ffeea6691b6bf0f3688c864042fdfee5d7a80

SHA512
cf248112c1d64a56b4b93977fc6e1a718536f860e79358d9350fc8de34d433d973429986a2c0388498e9165ae6a499c716cf12fd7e7794e21fa5cf52dad4d082

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\85f4380291c71678_0

Filesize
11KB

MD5
97611ae741e1fbde9d3be6fe6b8b5f50

SHA1
2ad786452cd0520585457ebe0c5c59d9b337114b

SHA256
55cc13fb60c1492e1e2e52d72515edb516bff84fbf45431afad3aa5d7b9047c4

SHA512
0b8cbb69877c08adc881970bd1c9ce9fb52aec44fddc6f24d88815e8774557800ae4e56523c435f5767b1eecf079488e0c98f6000266614944e29c40f9f6384d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ff0b33485b144d7_0

Filesize
6KB

MD5
5e2bf84266039cd5fdad0a2f803ad176

SHA1
72dd1c269b99a8f9cd9f7c990601690a02b67474

SHA256
6caa0e0125677262a9f77162cacaf156f215033dadcc8081d80cc672aaf603f4

SHA512
217ffb7de6fa8efe61ce5dbda30bf4de4286719af950128e90fc678bffa8f9d83e83483aaf94a291a1bb0f9a81cf3aee709bd1d5746172e5d848c52a82889009

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\92110b050cfd524c_0

Filesize
264B

MD5
5545645da2a1849021e34a1a3db05b74

SHA1
e7d4e659e5fe6098f16629771899a9cbc4e42e67

SHA256
37ab73b9ba3b0b62cecbfd5b32ab2cad7fe6efb3df2d83e44126113bcfe6d3ff

SHA512
9ab8dcefb5616c3114f1dc68280457fdfa00a5837191ee71a975e6b9dc94c9931d9f5c258a54ac403a43d61933234d600dbe61527e064d3a932683f44c8eae03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9b60a415b4f7c4af_0

Filesize
1KB

MD5
da9c05a051ceef606372dd106a05e29b

SHA1
46f6dbfc593041b06c7816b681a97e28ef5a0aca

SHA256
24724d1b0e076b2d8b26ce8cf1c20f00a8aa6aee459bced6fd5e3ff400b047ee

SHA512
4710c6052a4046ee0d9fc3f26b187d9b24d741a56dc394bfd53bbd98fbf62129f9140f4ad2dffac52302734bf46c0ca5b22b3d5857f175b52b6d48de82e4ade2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9d3500b0990ef4fd_0

Filesize
2KB

MD5
0417fcb89eed91818161b4754dea8904

SHA1
6c0d1d6b382eb4612cafd8c362ae6e5c30438217

SHA256
65f841694ccbfb9052a714186ad492dc2d08ce7a9fec092dee41a317e5bc279f

SHA512
8f2f83c6c96a75816727390d6501b089c8950bf89fde3e20752239408629841a9ea18739b5fee59040beda06f634bf3967826710485e5d634fe8a11e8bf0c0ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9df0968014237b75_0

Filesize
1KB

MD5
766865b986cada03d48bfd6fa2e47675

SHA1
e0a482d5543e568ef2bdb836424b741bd421e4e9

SHA256
6dc7d95261912ad31ef9d17e65f3107ad3a17e6d9f5d264dd90662cd8b55d10f

SHA512
ef820f6ccfc67aafb66971a15e0017ba549365b79437c9d66ae91dd5d815d85095a87b176138b4658ec62db6c9f89d2fa18b72309fdf950c00aefb8a49a0a766

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a262af2bbed76292_0

Filesize
9KB

MD5
28fb6d2d70a2e0a5ee4b6ac136846f44

SHA1
305719411114d50583da306f180ceba5fde28701

SHA256
63182084470bc026a559884fa8fb64d989194a8de83f70e8f87ae923508d5e46

SHA512
2aaf01919da3277a2a4ca4f97e878a5a4903e732ecfa98ed7a9033b09f54fd1c0234e0ab6fef6d9fcb6e7aacefe0bf74a233a6f2d009bf07a2bdbf243211cefa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a638543fd8211f50_0

Filesize
14KB

MD5
07599532d054a4d8d684fb93453244e2

SHA1
931cfa12210ff61abb3d8f330bce319e193374b8

SHA256
ea5d2576c9b6f3cf20b17fe152931a63883eb90230520daaa4464d6222acce2d

SHA512
caabcbe263680a6e008353de1ceb270ddbe9d7dac0214a33cf42392f11de7ba428dbf5be0abd4734f47fae8e61c524a74634180b0493a99ed7e218fc39cf9c2e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a844379748274585_0

Filesize
11KB

MD5
6ff7299ba908413d26584adc9d1b6caf

SHA1
0e090b4dfd385a3dadbbbce4df7622e9f52441b7

SHA256
4f72ed164b5717dfb35c6ab0111566751c4a1d6a8352584d879a314c5c95ac9a

SHA512
374611b464c2b7af2ace4c1af3ef093e3b7b7f5496595b8e7f7b8364098600881f3845b17f61bba6eabfbb1201f577ab3bb0640c021e87c3e1528d8722976699

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a8f18fd122da0c8d_0

Filesize
3KB

MD5
b5602f5e4364d4461cc2dd63e5d948ad

SHA1
32f27c3bc1b752c22329173f5de9df2d3b74385a

SHA256
aee67112e083b07d1ed705ca8a501e10c71973ec3ac0120698c44c72985e4dc8

SHA512
502ed912844f8a2ded7c2350849d664d481a27a2e6ead0c258df10c484b586e9c2424ab4e54c5f80094bfee6b18e02561938fb9f5a57964e85aea7ae7438e0f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\af66bc22063fa8ce_0

Filesize
2KB

MD5
e6178b948da16f7b02429698646edc03

SHA1
391d82dc9e3ace8cb2804ac4d9d71041e959d16c

SHA256
238863935bd90121504407e53b1dabb9891068171cdc2094452dcd897eb6e6db

SHA512
b229421e6436552faf64bfc4c02d1a6bc8e539b9874946937fef6270727dac3b7a72fb41a52f135c49945845745de26e2638e3cac00d79780638d0976eb04fe7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b0b799691077537a_0

Filesize
294B

MD5
1e8860e23e830e7b56251af5a84ae3c1

SHA1
dd9d5ef747ce6cdb7358d706c73e02fde34e6d15

SHA256
e6d520590f15857d37169381bdf3e5938d853ee73a6e4ecbd987072fc944954d

SHA512
7e4fe17c828f11fb8e95e3a57318078f62157c29203a060ccae36cb760a0c3a969cf1cc39c986768c88f72914ccda545516f577afffde1387b9238e95aa1edd1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c541e891f23ab5c1_0

Filesize
8KB

MD5
f1e3205645500faa95f01432e57fdfe3

SHA1
2c6cd0a341d416bee6c0c9a1b5432043b5795b24

SHA256
6a37089aab3d83bd19ac3396ba3321baf08268017f180b6093356b56a44ce427

SHA512
6ca7b5e9b8f32badf6adfdb4ec6d4470ce7e9d2082854725890efe2d69ffdd45596b805588c4fc05374a97ea2f799e450e75f3014e15343196994181d55052f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c6ef2c488e638852_0

Filesize
6KB

MD5
a837e15edcd3aa2f9e2e90b25920bbae

SHA1
324a76b7366b97602d06560370fbc06c42eb8e23

SHA256
c042daf4cf8e52d32d8bef278a8ff2aac1de49b8097eab96fb41135069937acc

SHA512
7e969caa06264ad99768f03277bc551636c82a4679ae65fa84e5d495728e0fd325e4c2055c7dd02b4be2eb6dbc9e36a77c4c98227fd55e4c9fdb53f9d57aad7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7414e49eefb7a38_0

Filesize
289KB

MD5
43f512279cee18ad964aeef3ee8559cb

SHA1
d2ee7fdbeaaf2b1a3a1e76ffff899c3fa77795fb

SHA256
ade9513528be7d2cc3d08c0c49b4825c602ebec0d9742bdb27fdde5024f41b37

SHA512
2973495ff883a1d4d3fde7c577518ccfcf9460dd8ab83130119ec7c5cd580ba6f474fbb68285174b681597ef3ea9ee2f26e9f7468e1e621be18ff17f3d51e562

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dce1cef07803b6a4_0

Filesize
7KB

MD5
3ee87692df035a7ff7910b951035fae6

SHA1
0b6639f1d801bdd0fa2435cfdc35f89fc8b210a0

SHA256
56069d1a4672f1ca5e2dec7ebc6bc5b43f43de6f011a4609a55210f71a1e15cc

SHA512
5e37381980fb95306824b0a013f91b40035e9370071cff3fc9c57d78cc6ff975b74e7e3708d2c29308e621c201e03ee93405c22ee78d12d214b286c5a7096f7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\df5f60b8848cf14d_0

Filesize
47KB

MD5
9d7adf61bf8e523bcab287112be90872

SHA1
24d1920f5a59e36ef7ad7e5c5a8dbb4a41d87e00

SHA256
8da067a0c6f54ea09bee5281448f8d77aafe5aead29e2c454008aa28e75c3105

SHA512
baacf68e203bff256bb499b38830181f031a5f5d42972a3fa24a81fab653cf9bd3f135d79e792697e3ebe7ac292cf6c41f1f43382b026bf5d8724cd400ffaeac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dfb1519328b639be_0

Filesize
38KB

MD5
1c23ccf258217d9b80eda57b3a941cc3

SHA1
bae54e887a81184ab2b937f3f6b6b78dcdc4e30e

SHA256
7749fa0ff80d9985cb94874ec15a3424061a67a3c9f8e0b3779372cc064e25dd

SHA512
e26caee0ebcdce361889eff0c198fe8d976cf919d05c90daeaff8acfdfec01cb41953f6e4c938fd5437234184512311442a29d105aa4b5ad2ff7e6c3dd39c584

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\edb5b3589f6db495_0

Filesize
3KB

MD5
92e28c5c422575a9032348ba945bbebf

SHA1
3b0cf1c4d6833ed44155654d30a5670588f4bda8

SHA256
ed944e7c9933e9702080cff8a0538739cc869cadb6eeea7992e0aad2a9ae3c37

SHA512
0bc0a5aeadd80ef594d9f8f018485682d7b498c8057c54431ad51ab0615788c8350475dbf927c0c1f8049a2fb3fc024d39f456c2e5974950ffefbe2583e8369c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f0267b0c34e0ac87_0

Filesize
175KB

MD5
475809d9bc58d4bb247aa5115203e116

SHA1
6a6319a53ce5fd0e9c1945676c1359cbb5b05d5a

SHA256
39242c2a2f1dc6548ab5b962d094afcff77675b180b44a64f5032cca4f882e57

SHA512
4c40c6a36da3dd1d2b9c244b6ba3a1c6276144f89a985248bc6bedcaea0f9bb8a22a386e741def81c9bb3b835b20c904ecd671f25919d4108fcf47cbec68c333

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f132ced38e35db17_0

Filesize
206KB

MD5
4b300b67904421620b27be574e1daf52

SHA1
4e5ffb3a398fe968a87b08a4d38d6bfd63a716a2

SHA256
80cdfa601575ea11227872c8424acea3b9dbafa433300bceb211972b9105c87d

SHA512
833033df404909799ff8781b427e1d517a808715e18bec9c947a8604e3761d0a2de573ccaede6dcb0deba8a7b056a1aaf2356e5f81a3387443e4926dbe9cb229

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fa8a602653b887ca_0

Filesize
2KB

MD5
a8b813790951aa4ad95d02796b0c799f

SHA1
d1e137b8bfbb2578df838aac8e1f47ec383b3845

SHA256
13a4d5a2babf5e456da136341a0073e2c1bcbcc4a244c294dcb00b39d5a7de76

SHA512
cf3a5335982a5e6c0fc931924308c324fd4888de536061cb18d39c8997dbc19a514869d9ccea386e60cea309725307769428568f2439a9d4831d478ab5b7f7df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\febaf79e24c841d0_0

Filesize
1KB

MD5
3d444b04c4bef1f556fa99b61d438521

SHA1
2dc8fe552871203a85a4a559cd060e9f2a3eab8a

SHA256
aa76ce01c1ea4a01cc1b2f84c8b99cb0a734c178cda33894237fa85e7883883e

SHA512
fa0e06174277150aa7723110248df9cdd40208a4eb7ece2dc6a29d978fc1beb255c14b6a3189738a7fb4616f4eaf373b596882f89e2f3c95d580f5053b81dd43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ffe6352d89d2edf8_0

Filesize
10KB

MD5
309e92d0cd7bb602aee7df6cf8073dcb

SHA1
7a2f64d04164da5816e4df147d0728139b76140d

SHA256
350ace9bc84af9debabf1e386858b01c0e9314996fe1705a17d6a6b8fce172ca

SHA512
2fc77c19c449e25c8ff4d87e54250c37eef001f85459d9895a388c9a0af4ae0653a0f9ecf2b5a1e43c21765b3a839727fa77c6a49d1f3dda072961b7c15e6900

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
a74e5fe8e424dda4f0e7bc2fe61d05f9

SHA1
a7b631a98a51256b6c4fc8fb24d13c835edbd2b2

SHA256
09318e3379eaed06889c6a99eae76798b08faac6aa8ffd8a0ad795058707ce21

SHA512
cd966cea505156f5bc1ce75b6c0cc8c384458ca5de8909e3be12b2297d17183dee86c88ac53162c61b3b5140a62d0a848a87dfa703105c1786cd618858717b71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
3d23098467ea4ee5a9d7ceb31d3a8993

SHA1
3ab19fff9f218a6db1101b5b064b8cb9045f18b1

SHA256
dba02643d39390f3786efe54ecae0dc637ba785aabfc77c6187b8d98a03c9c85

SHA512
e1e854061d91c93d013d1a29e514fe04459128a630dfb1dc1d4989989bc7deafa2253ad1268b9ff8ab5662c68feb9c62c2314f5e0bdb394ee1ae8b083a6e5b44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
91b314c8ee981f6f94f8d60606c01b30

SHA1
f7a91e3cd43df84a194cf6f755189eadf3294f7d

SHA256
0adb4526709e73c4bbdb3fb4b2c78cca47cd33a83c249e0873f6a471774f8b6b

SHA512
1545fe442e1fdf54b8a15d550a46d3d1779c183928ae779c1c6c32f739e7c5dc3459374fc31716cae4b14aaa3f804b6d52a4179015dfaaf45b312b57ad9b760e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
788B

MD5
3cb89c35feb09c0a3e4bb37df06d2d4c

SHA1
78ad242dd2b61e238c0932e437f0ef2343611c48

SHA256
d151a3504d9c22aab8416065dd0676eeb7129fda0feb0a56ac4d8628355919fe

SHA512
f15bd65ba1d74abace4eca420e6caad4a7e34bcdea6e9bf9a1984923f71be2bd3d05f248fb3f248274d35a79c4eaa893ee0dabe825538a9768853a454e3364e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
bfe1472a28630cef1b0ca84d4522c44d

SHA1
9101b40536262bd31186cadf54ef681f5adc861c

SHA256
6274b3c4d043e35582cd6436836dbed7fe5545308d1c9205b9923e388adb04dd

SHA512
ecfecb7c3321445d32da1968030ae1d3041a3474dc25c527dc45b2faafc6c3886a6304622e7a6923038e852066591c5b88e47c472db8682b054425513a260609

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
4194c7f24f08c2e78119c959a4985803

SHA1
5aec12835ff532b42c584d25880ec3f2486090e7

SHA256
f5c92093198fc3eec436811792fc61b35d46f39b9b06f83caaca457a82a22eda

SHA512
ea37e6e58abbefba9200d02d71381d61d56c519690d85cd925fb8fffa65b4cf97bdaed6e8eff05d048158304fbb6f8de0bb2a3bd46d636584b3be69e876151a9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
13dfe9b37a5cb0503917235359bbbee0

SHA1
e78efd1c4d3aca9085f6ef50eb516ea72b3051c7

SHA256
3d747ae70182ceaabe61861b999a4632290ac9b339ded1aaec774774fc90ff90

SHA512
6cb9d4917604371476693df8923b54e12a2bb10f683794fc271f0be9443ff17eb5e9c437e8ff573111f0be120ed4fdab5a68e7375fdca433196976ad2f7784b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
254df2cd644ef8f34b48a6bef7a546c2

SHA1
a86f40053147330c1ba28affdf3149320fafd8a2

SHA256
0dd4be1f92155e7cdeb81c0835c3916a4fa15f0ad2b0f25a4442ce0f8824b57e

SHA512
57aff1d6dba7efcb6b420f04019a8e55a50a031d324d86072d3e831a463c8e10aeb113578c85b4f55057b3b76d2011ff3adaf9b0894abc41a676cac4b8896c42

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
b7ae49ae874d84eaf5d7286f2914a216

SHA1
5851f8891bf1ee17f739e59182eb0d0afa00a925

SHA256
66da199a4ca544ce243ae69b756464a0f21727c85c9457fd3119e5b0e931d5f1

SHA512
35256fdb702b25efa6a5810d3a21be376769615d1dc169c149835bf1a7bdda092921a3ec95fa3542ba461042400429acc5dae029675221685558343d9d1f940a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
18095b35683936a5444cf34004ee69ab

SHA1
45fc1121f3295bca458ef4887058ed8f7a0650a1

SHA256
40700f623d9f12709f70fb95bd85a924bf2b372ec6cd5aa625ddcab2ddf4574d

SHA512
dd8278e5f3761a921adea9012106c8d9334ec4cb469723dfb32b39a6d6aa65dac782145ff9412606c09e52acb7f477a83d7c48fd1846aedad880bd7e7d368dfe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d7a9200d393ccf75e7f25dccd3ea3e0b

SHA1
4973d8e2e14dec425d6a6aa52ee02f69aba7885d

SHA256
e84aaab4139fa508bb956d1a6e29eed7aee9f86a14bd632ea5c2ef26c4499b1f

SHA512
16acfb77615f8f206472ac3e740e35851817a5d269c2e107e0c5d72a3da6e8b9010048a0f3fcc79cf937914bb014e4d5164eeed8bf6e1e709a989b1b491f0c79

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
904ee44cd606f73876a69aee588087e9

SHA1
dfeb623eadf7c83bd1143b0519ccf81b5a31e99c

SHA256
16ce4a880188dac87999ef78675add39e7498861aa7707f3cda1c7cbfe2d851a

SHA512
c20a9e7735c2b378f7e008ab18aea43835649d14c9249bf5e8154a1bb0b56f9ce04221bbb4b211c030c1d26196e5ebb57a198cad7bf4a5218b8fc502ac3990b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8c902c530f2ab0d26aefaff34e750145

SHA1
596afa6d398849003adfef15c25a49e5d48b7a83

SHA256
d8e25cbd559bbe8cdbbc0d5089c1425a30ee5f3c9d0cb077b4e2aa66225713c2

SHA512
3710a866766ad5d1200d34d028dd39b00a7d7dbe822f264969b694729023a708b1d8acc9d9582491ee4f342a64dff7d742acbf8d17e386666db93d1ab8d42f1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e1edddabe39bde9dda560834d165bce0

SHA1
e51c6b651de64205a158efda7d534dd954337ba1

SHA256
746aafdfce3febd368e9503d3d0697ae62602b8275c913723ee4fedb7dbf073b

SHA512
a3c33131968fd3dc41650c654cbb50e630203518f8bcc27130745660b2441001545f61e92ec373f86ad09b79145a29b34a07aee7bc794a0f0ea877b7753ceaf3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
106c4b273c37c1f2a112e54ac8df4981

SHA1
b86710938142cc23e32ef7b34f0117a556618d77

SHA256
dc63a1f31cd180374a4f145368e4405ad0efe69790c3f0fd2c96010067a1259d

SHA512
345f319af5b7a763a361a3b8005cb98b54ca0a39c16a58e9f79f9167c8195bd626920800e510e1e1129ddc5dae20171a5e41b9b0523b395c55d459b728da00bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
11fd4749d82c8bda850f11effd5980bb

SHA1
c3537b0651e0886e060f1bd36acfaac53443e3b5

SHA256
db13ed98a40c0ae65709fc7e373fb17a7421f09f0b3477a033d29d17ce922254

SHA512
70d4ab4e5e3cf4dbb89b2fe47a6d50ccb1b965797483634be03dfca5667e3a979b611946efd20c39fe4991744d2604949ededbb3133b10bd70fe5ab7d1cefda0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e4ce7ef1976450405ed887717142a589

SHA1
de92edc4fffa21a7518b6e4e4bc4b289da64d4d4

SHA256
10b1f701544a16d4b3c8b18fa30edc689f2bf37e271ec51e400b5b63749242aa

SHA512
25cab7892dd9e97cacdfe849a53ce87dc584c06b16c112ddac5d8ff214d95c193def8c882acef42ce31211567cbe579d1872bb4676a49a64948e328bd443de67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
a73023a21e9cc1d2d194b1863a8fdd64

SHA1
4af9acae36646f9baa2a155735aa40cdc98c1bf9

SHA256
f433c13b8df2a5a1ffc25622220804b80c4c62b6fb719e8043a34dd2ce43420c

SHA512
dfe24605d35576e43aeacd3ceb21bc9acb27be76d9a097905c3edbc57511652555d2c8e8fc77cb7edff745db25bda6ceb80e0122af872688748c7a4b1100cd83

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
44accf29e9ac03210badd23a91da1e78

SHA1
2ef2ed7f8cffc7b9298ba7dbb80336584d221e16

SHA256
8554737586679c3ff1d6a47801b58267c7cc38dc017fec76c162f98588e82353

SHA512
ec6ae7fea5474b7f81223b97ff744c8675883d0fc9d8f86f0238d6da66ffa935b9a9dcb76fed6d3078ab7a8dee8f61b0c3b507fa9aa54d4c4e1972de838985ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
14cef41d6502fd1839cf0dfeac1d8e70

SHA1
f1134be2658f558df45dff2ec4e96fa24ddf6ebc

SHA256
c23858c1b3bfdb08eac65eb9cd3401d93b95551b72dc150fe0f3a3ec50ed7b4a

SHA512
d4ad88cacb38891d843078f23ba0a3189b882ae9adba964187723f7a14eb5d9a36f5c7fcdbc002fe64626665435f02a5d3cdabff2cea638cfa2715f16ea80e5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f3f9ab2f7e757586d82d544e1d01b43a

SHA1
759ff4a57d4eff42b2c56b1823dbfc357f0b0016

SHA256
7f96784b4edc6d82320552d4cf0b2ac06a77d5a92adbeff7d098ad614eecba5b

SHA512
111ff4efd111f4e16d994f2aa01bccf00fe1a0a616061ab61c407ad125a4db91e1d828ce6b46523079ad0ea92f01afbd5c7b15ef8e29d0d38439269847e21a5f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
934f0baca9a86f1136e4ae7b9f1e5ac6

SHA1
944865d76a1e4a2847cad60d90a672d68a9cc53c

SHA256
2b988b8ce7a0e0a81f8cf3efc06b9d8102c487f2f5e1c3f9ede97072549fe2b9

SHA512
661375fafdbebcc6be4a86070a5b6f97c432c6f917c2fb60ff8ecf6276c595b9f7cbe499173b48faf242933c0aaca5d9792d5c2371779e876d6233e0788a9f51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
7bc5e1d554a14f5a3cf11c37b8bd4655

SHA1
40c9046aab443c638a6ba3442971b6d2d38bc634

SHA256
dd39557910cce86958781d05be5a80cf1885c333dc57acbd461bd76d82c28281

SHA512
f873f6c87a311b5dfd52edbc1235b97a7fa741fecea51f8d6e63a97c39853fe0653e58f5ed2207e2dc7ebe7924e688af50a9ac974d8f2ebc507c467dd5618377

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe587e34.TMP

Filesize
370B

MD5
0e3ab4477a416fb09d7d96fcd25343bb

SHA1
0eb9559b3fa2c0ea4c680e5e45ce7da5a3b7f39e

SHA256
85db6150f7837215763578000d7737717a0f25f2046f6240d563d4b952131ab7

SHA512
05a7dc77471c1508c7e567033ed974befb6f81fd1067ec56fd83781e4d6485a898a8adfb780784ef77854df28dc649fdcbe1854fafa7f209859e16a1408402c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
1392bdc7c4b92338a678aa4c0ef2da42

SHA1
1f887603f9ed2106787f784b388e3e923ac0cc22

SHA256
ba698f3b2f275ffa13ebde184659aa60d74225bedec2b69503bc92e7157fe500

SHA512
a88bf12534a3e6f25371049ff7d898caec11cee049043857fe5064d95770d0166a6966e112782709a4debc525636eb47e98ed00aa2c544e792d0c1fc9da728d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
19029de06dbe89b0015e01e68af93059

SHA1
5bf68be60e1df83379f0339390ff7843df086183

SHA256
88a41b77cc9a95780f5a4bf94bd9768dc15ec6363688c2e3feb6fb436256dbc8

SHA512
e7155ec90d48716aba4bb96f8824b2dc541317efbf1ded042ccfc930cd0445f545f89efc2927f9db869d1b390f8988d8ba9d01400295f94bc7e09d970846f7fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
7797189a1258cfd2da2221e8e546ccbc

SHA1
00a5447ec805e1755f4209bb7c50dd7621e7958d

SHA256
9a5e03f3e714b7ef847f41a19d81dad81e5372d16e5f61744298fac00ed48e00

SHA512
545b73477453b925dde2c3e24d2f651ac5490832e2219ce42e93f42e92faa4ea5cb4d316bf9b6159b3322d39a0599dc823006c7a82498d5eae2eb880821210ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
f6157569ec3ebe6c8047ae5835583611

SHA1
2e0b5a8ffbaae2322dfab9511609675d9e4323a2

SHA256
087a93f4c78c796d4bfee432a4b59a87dc0ce57cba74f0e38d81af7e7210081e

SHA512
42084c33cfad48dc1c1303e930a9b8db07d12c6b3e146b66240513b4982243ff0fdd2aee0cefc7b736eafee44865a6f4a7df2cb9620bc56e3c07402196cdbe9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
0cbcf853a152ca0b38c9aae79ce6d4a5

SHA1
2049bf325bf1b9c7ba5e032159821b59445df58b

SHA256
30d346099b96884b83916ed793b3aea1b4f2f7c42cd3a105dd9ba9e25c70d857

SHA512
536cea42130da7419d83cf4902afd5d3aa0f301763bed5acbbfe824bc766bf604fb9b5e669b3832b6e1b2a1f6159291610959c0c0bbdddb514ae0be37b5f45d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
2b6d81fbfb3576838841f44e339e7d03

SHA1
e2e0d945924ca265fd1a28a6cbc4b1518d61d7fa

SHA256
8516706d5195b4ecda9a3fe55c761fae65cf860f1eb172185b1e3632ec8343f7

SHA512
e961740b67e03ecbd2945d94a2f774895cb9ce45924394d546d4a653c8226bbc9cd37fbdbfb98b437d18cb68d6189d1d02c8d6da9b06b7f817cd2daff1878fba

Download Submit
C:\Users\Admin\Downloads\Sin confirmar 875249.crdownload

Filesize
12.1MB

MD5
c783c73fd3b91ea1bc82d0505252baea

SHA1
bc18d717daa70f480ae1a18b3995adfc63800898

SHA256
66620a1b56658de7c44954cee362da73aad69a223cb65f5225e60bd4b2e11b51

SHA512
502210fd47bde3bf5a6c1e322b17f877c9e36076d0a36d6f732b54714541f66f8aec08f9f610f1ad6626ed3611fb11c2dc29637e62eb0d5dcc836778c2d28692

Download Submit
C:\Users\Admin\Downloads\release.zip

Filesize
445KB

MD5
06a4fcd5eb3a39d7f50a0709de9900db

SHA1
50d089e915f69313a5187569cda4e6dec2d55ca7

SHA256
c13a0cd7c2c2fd577703bff026b72ed81b51266afa047328c8ff1c4a4d965c97

SHA512
75e5f637fd3282d088b1c0c1efd0de8a128f681e4ac66d6303d205471fe68b4fbf0356a21d803aff2cca6def455abad8619fedc8c7d51e574640eda0df561f9b

Download Submit
C:\Users\Admin\Downloads\release\Client-built.exe

Filesize
78KB

MD5
0d463851dc69feb1520a62d0f017bc0c

SHA1
ae151293b8fce60bae3a21f563cd3525fa09b4b1

SHA256
37744417e2f57342af234df769a4a8f179798684f8345bcfe7dda2bf40b3799a

SHA512
82bf3015d7e6d115031789ee51526d82d0336a706f19ad0b8a4e4226fcba123c3a10836b31bec85e9294fe2efd357d5579ca9f60ebf3c6114f3e0414e927928c

Download Submit
memory/232-1270-0x00000000083A0000-0x00000000084A2000-memory.dmp

Filesize
1.0MB

Download
memory/232-587-0x0000000000700000-0x0000000000708000-memory.dmp

Filesize
32KB

Download
memory/232-588-0x0000000005610000-0x0000000005BB4000-memory.dmp

Filesize
5.6MB

Download
memory/232-589-0x0000000005100000-0x0000000005192000-memory.dmp

Filesize
584KB

Download
memory/232-590-0x00000000052C0000-0x00000000052CA000-memory.dmp

Filesize
40KB

Download
memory/232-652-0x0000000000F60000-0x0000000001082000-memory.dmp

Filesize
1.1MB

Download
memory/4088-1297-0x000002A13A470000-0x000002A13A488000-memory.dmp

Filesize
96KB

Download
memory/5360-1277-0x00000208F0490000-0x00000208F09B8000-memory.dmp

Filesize
5.2MB

Download
memory/5360-1276-0x00000208D5920000-0x00000208D5960000-memory.dmp

Filesize
256KB

Download
memory/5360-1275-0x00000208EFB90000-0x00000208EFD52000-memory.dmp

Filesize
1.8MB

Download
memory/5360-1274-0x00000208D5500000-0x00000208D5518000-memory.dmp

Filesize
96KB

Download
memory/5360-1311-0x00000208F0070000-0x00000208F0172000-memory.dmp

Filesize
1.0MB

Download