meduza | hxxps://github[.]com/kiberkingfakenews/Wave-Executor

Analysis

max time kernel
288s
max time network
295s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
10-12-2024 19:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/kiberkingfakenews/Wave-Executor

Score

10^/10

meduza discovery motw phishing stealer

Malware Config

Extracted

Family

meduza

109.107.181.162

Attributes

anti_dbg
true
anti_vm
true
build_name
6
extensions
none
grabber_max_size
1.048576e+06
links
none
port
15666
self_destruct
true

Signatures

Meduza
Meduza is a crypto wallet and info stealer written in C++.
stealer meduza

Meduza Stealer payload 4 IoCs

resource	yara_rule
behavioral1/memory/5668-2680-0x0000000140000000-0x000000014013E000-memory.dmp	family_meduza
behavioral1/memory/5668-2681-0x0000000140000000-0x000000014013E000-memory.dmp	family_meduza
behavioral1/memory/6756-2692-0x0000000140000000-0x000000014013E000-memory.dmp	family_meduza
behavioral1/memory/964-2694-0x0000000140000000-0x000000014013E000-memory.dmp	family_meduza

Meduza family
meduza

Legitimate hosting services abused for malware hosting/C2 1 TTPs 1 IoCs

Web Service

T1102

flow	ioc
642	camo.githubusercontent.com

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc
379	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Suspicious use of SetThreadContext 3 IoCs

description	pid	Process	procid_target
PID 4764 set thread context of 5668	4764	setup7.0.exe	236
PID 5240 set thread context of 6756	5240	setup7.0.exe	238
PID 6616 set thread context of 964	6616	setup7.0.exe	242

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings	msedge.exe

Suspicious behavior: EnumeratesProcesses 22 IoCs

pid	Process
4716	msedge.exe
4716	msedge.exe
3336	msedge.exe
3336	msedge.exe
4456	identity_helper.exe
4456	identity_helper.exe
2628	msedge.exe
2628	msedge.exe
396	Wave.exe
396	Wave.exe
5436	Wave.exe
5436	Wave.exe
5784	Wave.exe
5784	Wave.exe
6108	msedge.exe
6108	msedge.exe
6108	msedge.exe
6108	msedge.exe
6036	Wave.exe
6036	Wave.exe
3124	msedge.exe
3124	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	396	Wave.exe
Token: SeIncreaseQuotaPrivilege	396	Wave.exe
Token: SeSecurityPrivilege	396	Wave.exe
Token: SeTakeOwnershipPrivilege	396	Wave.exe
Token: SeLoadDriverPrivilege	396	Wave.exe
Token: SeSystemProfilePrivilege	396	Wave.exe
Token: SeSystemtimePrivilege	396	Wave.exe
Token: SeProfSingleProcessPrivilege	396	Wave.exe
Token: SeIncBasePriorityPrivilege	396	Wave.exe
Token: SeCreatePagefilePrivilege	396	Wave.exe
Token: SeBackupPrivilege	396	Wave.exe
Token: SeRestorePrivilege	396	Wave.exe
Token: SeShutdownPrivilege	396	Wave.exe
Token: SeDebugPrivilege	396	Wave.exe
Token: SeSystemEnvironmentPrivilege	396	Wave.exe
Token: SeRemoteShutdownPrivilege	396	Wave.exe
Token: SeUndockPrivilege	396	Wave.exe
Token: SeManageVolumePrivilege	396	Wave.exe
Token: 33	396	Wave.exe
Token: 34	396	Wave.exe
Token: 35	396	Wave.exe
Token: 36	396	Wave.exe
Token: SeDebugPrivilege	5436	Wave.exe
Token: SeIncreaseQuotaPrivilege	5436	Wave.exe
Token: SeSecurityPrivilege	5436	Wave.exe
Token: SeTakeOwnershipPrivilege	5436	Wave.exe
Token: SeLoadDriverPrivilege	5436	Wave.exe
Token: SeSystemProfilePrivilege	5436	Wave.exe
Token: SeSystemtimePrivilege	5436	Wave.exe
Token: SeProfSingleProcessPrivilege	5436	Wave.exe
Token: SeIncBasePriorityPrivilege	5436	Wave.exe
Token: SeCreatePagefilePrivilege	5436	Wave.exe
Token: SeBackupPrivilege	5436	Wave.exe
Token: SeRestorePrivilege	5436	Wave.exe
Token: SeShutdownPrivilege	5436	Wave.exe
Token: SeDebugPrivilege	5436	Wave.exe
Token: SeSystemEnvironmentPrivilege	5436	Wave.exe
Token: SeRemoteShutdownPrivilege	5436	Wave.exe
Token: SeUndockPrivilege	5436	Wave.exe
Token: SeManageVolumePrivilege	5436	Wave.exe
Token: 33	5436	Wave.exe
Token: 34	5436	Wave.exe
Token: 35	5436	Wave.exe
Token: 36	5436	Wave.exe
Token: SeDebugPrivilege	5784	Wave.exe
Token: SeIncreaseQuotaPrivilege	5784	Wave.exe
Token: SeSecurityPrivilege	5784	Wave.exe
Token: SeTakeOwnershipPrivilege	5784	Wave.exe
Token: SeLoadDriverPrivilege	5784	Wave.exe
Token: SeSystemProfilePrivilege	5784	Wave.exe
Token: SeSystemtimePrivilege	5784	Wave.exe
Token: SeProfSingleProcessPrivilege	5784	Wave.exe
Token: SeIncBasePriorityPrivilege	5784	Wave.exe
Token: SeCreatePagefilePrivilege	5784	Wave.exe
Token: SeBackupPrivilege	5784	Wave.exe
Token: SeRestorePrivilege	5784	Wave.exe
Token: SeShutdownPrivilege	5784	Wave.exe
Token: SeDebugPrivilege	5784	Wave.exe
Token: SeSystemEnvironmentPrivilege	5784	Wave.exe
Token: SeRemoteShutdownPrivilege	5784	Wave.exe
Token: SeUndockPrivilege	5784	Wave.exe
Token: SeManageVolumePrivilege	5784	Wave.exe
Token: 33	5784	Wave.exe
Token: 34	5784	Wave.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe
3336	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3336 wrote to memory of 2632	3336	msedge.exe	83
PID 3336 wrote to memory of 2632	3336	msedge.exe	83
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 228	3336	msedge.exe	84
PID 3336 wrote to memory of 4716	3336	msedge.exe	85
PID 3336 wrote to memory of 4716	3336	msedge.exe	85
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86
PID 3336 wrote to memory of 4704	3336	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://github.com/kiberkingfakenews/Wave-Executor
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbd38d46f8,0x7ffbd38d4708,0x7ffbd38d4718
  2⤵
  PID:2632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2
  2⤵
  PID:228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
  2⤵
  PID:4704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:3940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:1788
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5244 /prefetch:8
  2⤵
  PID:2896
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5244 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5636 /prefetch:8
  2⤵
  PID:4352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1
  2⤵
  PID:1600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
  2⤵
  PID:4844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
  2⤵
  PID:1648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
  2⤵
  PID:1992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1872 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1984 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1
  2⤵
  PID:408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
  2⤵
  PID:5636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4604 /prefetch:1
  2⤵
  PID:3880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
  2⤵
  PID:5852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6544 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
  2⤵
  PID:5968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6676 /prefetch:1
  2⤵
  PID:5704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6880 /prefetch:1
  2⤵
  PID:1784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1
  2⤵
  PID:3532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
  2⤵
  PID:3860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7192 /prefetch:1
  2⤵
  PID:4488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7640 /prefetch:1
  2⤵
  PID:5288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7368 /prefetch:1
  2⤵
  PID:5700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7360 /prefetch:1
  2⤵
  PID:5972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7232 /prefetch:1
  2⤵
  PID:3844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7932 /prefetch:1
  2⤵
  PID:5100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8328 /prefetch:1
  2⤵
  PID:4956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7608 /prefetch:1
  2⤵
  PID:2960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8740 /prefetch:1
  2⤵
  PID:5228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8604 /prefetch:1
  2⤵
  PID:4476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8856 /prefetch:1
  2⤵
  PID:1244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9120 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9140 /prefetch:1
  2⤵
  PID:3460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6592 /prefetch:1
  2⤵
  PID:6304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9696 /prefetch:1
  2⤵
  PID:6516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9656 /prefetch:1
  2⤵
  PID:6524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8052 /prefetch:1
  2⤵
  PID:7096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9376 /prefetch:1
  2⤵
  PID:3516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7352 /prefetch:1
  2⤵
  PID:6916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8536 /prefetch:1
  2⤵
  PID:6908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8924 /prefetch:1
  2⤵
  PID:6844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8032 /prefetch:1
  2⤵
  PID:5556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8936 /prefetch:1
  2⤵
  PID:2584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9756 /prefetch:1
  2⤵
  PID:6760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8264 /prefetch:1
  2⤵
  PID:6320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9728 /prefetch:1
  2⤵
  PID:4744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
  2⤵
  PID:5724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9568 /prefetch:1
  2⤵
  PID:6544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1
  2⤵
  PID:2292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7296 /prefetch:1
  2⤵
  PID:4852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7956 /prefetch:1
  2⤵
  PID:6660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9688 /prefetch:1
  2⤵
  PID:1836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7248 /prefetch:1
  2⤵
  PID:1840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7144 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9912 /prefetch:1
  2⤵
  PID:3900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10076 /prefetch:1
  2⤵
  PID:6728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9196 /prefetch:1
  2⤵
  PID:7048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10012 /prefetch:1
  2⤵
  PID:7000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8120 /prefetch:1
  2⤵
  PID:6420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6636 /prefetch:1
  2⤵
  PID:6416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7468 /prefetch:1
  2⤵
  PID:6160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9272 /prefetch:1
  2⤵
  PID:1716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8360 /prefetch:1
  2⤵
  PID:6848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7964 /prefetch:1
  2⤵
  PID:6900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8484 /prefetch:1
  2⤵
  PID:5404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6980 /prefetch:1
  2⤵
  PID:6952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10144 /prefetch:1
  2⤵
  PID:7044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7576 /prefetch:1
  2⤵
  PID:2236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7452 /prefetch:1
  2⤵
  PID:6176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9892 /prefetch:1
  2⤵
  PID:6708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10216 /prefetch:1
  2⤵
  PID:5400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8852 /prefetch:1
  2⤵
  PID:6472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9768 /prefetch:1
  2⤵
  PID:6896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8444 /prefetch:1
  2⤵
  PID:6440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9932 /prefetch:1
  2⤵
  PID:5732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9020 /prefetch:1
  2⤵
  PID:2180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10060 /prefetch:1
  2⤵
  PID:1568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9244 /prefetch:1
  2⤵
  PID:3912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9540 /prefetch:1
  2⤵
  PID:5680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6796 /prefetch:1
  2⤵
  PID:5364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6764 /prefetch:1
  2⤵
  PID:444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7000 /prefetch:1
  2⤵
  PID:5356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6664 /prefetch:1
  2⤵
  PID:6820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7808 /prefetch:1
  2⤵
  PID:6132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3416 /prefetch:8
  2⤵
  PID:7084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9248 /prefetch:1
  2⤵
  PID:6780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9292 /prefetch:1
  2⤵
  PID:6272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8848 /prefetch:1
  2⤵
  PID:5560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8840 /prefetch:1
  2⤵
  PID:5356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9256 /prefetch:1
  2⤵
  PID:3928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6276 /prefetch:8
  2⤵
  PID:4080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9316 /prefetch:1
  2⤵
  PID:1548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1
  2⤵
  PID:6404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9764 /prefetch:1
  2⤵
  PID:6824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9540 /prefetch:1
  2⤵
  PID:5228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10060 /prefetch:1
  2⤵
  PID:6280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,12375619602603349015,11358329231002107603,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10116 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3124

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1932

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1772

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4496

C:\Users\Admin\Documents\Wave\Wave.exe
"C:\Users\Admin\Documents\Wave\Wave.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:396

C:\Users\Admin\Documents\Wave\Wave.exe
"C:\Users\Admin\Documents\Wave\Wave.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:5436

C:\Users\Admin\Documents\Wave\Wave.exe
"C:\Users\Admin\Documents\Wave\Wave.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:5784

C:\Users\Admin\Documents\Wave\Wave.exe
"C:\Users\Admin\Documents\Wave\Wave.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:6036

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x470 0x2f8
1⤵
PID:7140

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:208

C:\Users\Admin\Downloads\Setup5.0\setup7.0\setup7.0.exe
"C:\Users\Admin\Downloads\Setup5.0\setup7.0\setup7.0.exe"
1⤵
- Suspicious use of SetThreadContext
PID:4764
- C:\Users\Admin\Downloads\Setup5.0\setup7.0\setup7.0.exe
  C:\Users\Admin\Downloads\Setup5.0\setup7.0\setup7.0.exe
  2⤵
  PID:5668

C:\Users\Admin\Downloads\Setup5.0\setup7.0\setup7.0.exe
"C:\Users\Admin\Downloads\Setup5.0\setup7.0\setup7.0.exe"
1⤵
- Suspicious use of SetThreadContext
PID:5240
- C:\Users\Admin\Downloads\Setup5.0\setup7.0\setup7.0.exe
  C:\Users\Admin\Downloads\Setup5.0\setup7.0\setup7.0.exe
  2⤵
  PID:6756

C:\Users\Admin\Downloads\Setup5.0\setup7.0\setup7.0.exe
"C:\Users\Admin\Downloads\Setup5.0\setup7.0\setup7.0.exe"
1⤵
- Suspicious use of SetThreadContext
PID:6616
- C:\Users\Admin\Downloads\Setup5.0\setup7.0\setup7.0.exe
  C:\Users\Admin\Downloads\Setup5.0\setup7.0\setup7.0.exe
  2⤵
  PID:964

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0a9dc42e4013fc47438e96d24beb8eff

SHA1
806ab26d7eae031a58484188a7eb1adab06457fc

SHA256
58d66151799526b3fa372552cd99b385415d9e9a119302b99aadc34dd51dd151

SHA512
868d6b421ae2501a519595d0c34ddef25b2a98b082c5203da8349035f1f6764ddf183197f1054e7e86a752c71eccbc0649e515b63c55bc18cf5f0592397e258f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
61cef8e38cd95bf003f5fdd1dc37dae1

SHA1
11f2f79ecb349344c143eea9a0fed41891a3467f

SHA256
ae671613623b4477fbd5daf1fd2d148ae2a09ddcc3804b2b6d4ffcb60b317e3e

SHA512
6fb9b333fe0e8fde19fdd0bd01a1990a4e60a87c0a02bc8297da1206e42f8690d06b030308e58c862e9e77714a585eed7cc1627590d99a10aeb77fc0dd3d864d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
18KB

MD5
8bd66dfc42a1353c5e996cd88dc1501f

SHA1
dc779a25ab37913f3198eb6f8c4d89e2a05635a6

SHA256
ef8772f5b2cf54057e1cfb7cb2e61f09cbd20db5ee307133caf517831a5df839

SHA512
203a46b2d09da788614b86480d81769011c7d42e833fa33a19e99c86a987a3bd8755b89906b9fd0497a80a5cf27f1c5e795a66fe3d1c4a921667ec745ccf22f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
68KB

MD5
a8341ca73b534f205f2d0b374ac19435

SHA1
bcada16644b1f906d8af52524cf4270144055fdf

SHA256
8598b733a6c0efe8bd5df94d41cc6e802295c5cd21311f565bb3aa5976a4515a

SHA512
b73e0fcafddf994c3bf40839c8ef3ee277f43d4378b354733e4e316fd735af33ce65f6469f2c5d3165f2a344797445403c8c33e4e4a4ec8a8e8084182d76865d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

Filesize
62KB

MD5
c813a1b87f1651d642cdcad5fca7a7d8

SHA1
0e6628997674a7dfbeb321b59a6e829d0c2f4478

SHA256
df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3

SHA512
af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

Filesize
67KB

MD5
b275fa8d2d2d768231289d114f48e35f

SHA1
bb96003ff86bd9dedbd2976b1916d87ac6402073

SHA256
1b36ed5c122ad5b79b8cc8455e434ce481e2c0faab6a82726910e60807f178a1

SHA512
d28918346e3fda06cd1e1c5c43d81805b66188a83e8ffcab7c8b19fe695c9ca5e05c7b9808599966df3c4cd81e73728189a131789c94df93c5b2500ce8ec8811

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

Filesize
16KB

MD5
85a4a6197284d08fa343c20d093a7705

SHA1
0591e1629cb04c94153dd93bf1224b4b56c33d0a

SHA256
dbbbde199353660c80ef612f70b99dc4cd33524395e805575283d5179b99cc19

SHA512
a883a1ebab93cc584cb3703d41b34d6b16d29a5d7ad6c19408257ee2e61a736fb11ee84540bdd36ddabaf6589c5d79ce50e8aca07d19b63d3c1f5a501431c080

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

Filesize
42KB

MD5
23d5f558755a9d58eef69b2bfc9a5d99

SHA1
fa43092cb330dff8dc6c572cb8703b92286219f6

SHA256
6e5bec69b1c6424972a7f5481ac57049811f0f196535b707613126c11292c5cf

SHA512
9c56c94d059a27dab9f69c9dfd718382a8eb192b8c0ce91cd6db6ec0769b8756acf9c0956a35561474b87d6278b13fbe88a6e4df6260c278b1ae06e9be55dd6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

Filesize
16KB

MD5
bd17d16b6e95e4eb8911300c70d546f7

SHA1
847036a00e4e390b67f5c22bf7b531179be344d7

SHA256
9f9613a0569536593e3e2f944d220ce9c0f3b5cab393b2785a12d2354227c352

SHA512
f9647d2d7452ce30cf100aeb753e32203a18a1aaef7b45a4bc558397b2a38f63bfcfe174e26300317b7df176155ae4ebaee6bdf0d4289061860eff68236fe1bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

Filesize
17KB

MD5
663d0d0966d3e0fe61cb9cd631c35c4c

SHA1
d371a2344f891ad2dc585f66eee08f4330634184

SHA256
97577b7db223876f9a048ad8833c7b55726ed464d8e9d34c303c171a6f32d7e2

SHA512
75be36c722dca266a10e3d8003d7b68906e25f369d9009c6778ecf2f3a4074b6c6307e37eafbd5e9cd755c2a850579df765a1d1d7be1caabd17bf0b426a65d24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

Filesize
20KB

MD5
7a807cc47744045e9e7c4051ad36f574

SHA1
ec603c0233567b0714a951d45cffbb6b098ddbf6

SHA256
97f397af4a333710cfdcee3391cb32b0b0636f29e8237b1b112f473d776c5739

SHA512
e67af2f7e03b3b3dcb5bf8d0220042f01b31d64799c114b42f338e14922f39f26da151cd00e427ddad1dfbdd5d9af582653988ef0c4c068f8848419d0b1d20a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

Filesize
103KB

MD5
c12602b8ebdfd5ea5113f42ee978d526

SHA1
1159db5c354e5c9a73b2e072b3c0c5d02f3ff07b

SHA256
412aad14e7b55e51c4c56a88949c8f5ac81e06bd1d9b23da4378b1d9711a0794

SHA512
00ba76a1f0f08c969a96f4418c158d482eba611fa5984cec234ded9c7a1aa2e9e4dc2a69816c2940783289767212ac729cb7b3ae4cd002f772a5dc5d45bce3db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
33KB

MD5
3978b81de4f3d427f17da4563660d859

SHA1
65588e5d125f3433b0794de3ac582aceca4df7c0

SHA256
2e7cf4287fadd66ee47b3846f0d6c548a820fc7f0c3eef7d8806d8b1a6cd0f4a

SHA512
793e211a81e21b01603c2a1cbff5a86f9fd3e344d2c2017aba5381408929b9abfc301436506a6293f3062215f5429d364cbef9b934518893ceac51b63dc12c47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

Filesize
142KB

MD5
161dcab360eeb22bfea2742e343563ea

SHA1
0f3893ec840f616eece399a04b121d434aabfba1

SHA256
923842bc2fbf3b35b91ae545d9557b86a5035629010d850351edfb85fb78d13a

SHA512
1bf7fee2c075bac3d94c6ab3c0fdf1e3ccf6c019f0ccb4f45e44a7fe8553579451def58b1cf93239fb6005ae6cb1f389b9eb86dadb99c13707a0a85cf6ed90f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

Filesize
20KB

MD5
e7bd1ba2babf94f26c0c076573bfbd37

SHA1
b3828f2cb9ace1de384ed2b365755a3096632375

SHA256
1091f1c2992d61acb03d517fb7fe2e2080938e8305ef134d456c8d677cb21044

SHA512
fefdf2416d99ea9e8e5cba601a04a724b820172f311983375dfb6801f17757d9ad9ff4f767900a13f0f9b36b77cf98179eae571ae0e7f0d5a8b55ed824717da6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

Filesize
60KB

MD5
9f355f55183cf998409dae07bd87b4f2

SHA1
3444b657fefb5f4d6fe8a53def4e9f143fbdf19a

SHA256
86587d36052b7fa854a15d45b7dcde746cee62e5073458c74b0438a03b5e1908

SHA512
d4382effd084bd8e8d4852c0d59fab03a3cce65dced7845fe69c66d50ce03295dfc6e54632dca08c9dd3307fc47e429357f8b58a017198d8c0523584a16253de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

Filesize
95KB

MD5
4c5209efa896f922d7a24ab65892a648

SHA1
7526f9a2f8258e0a32363616311d97f8c65d6d59

SHA256
d23037b813c7ab9dacf72ba4458ef83ffc5099a66284f8260fc601164a81df5a

SHA512
b3e35a0bf6e7bf76c83d510b8c272c8ea193fd0855a3a92c5dbfbb0389b3e478fe39d439d10a84495a61fdf3a7bd8e7d41620091bfa791ccf1c62753d67a547c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

Filesize
153KB

MD5
1b2731006f2b2597b02859e501bc2d4c

SHA1
118d27a703cef3fb083593a56bbc93e62420f30a

SHA256
59dc184cbc1a318493460d1d78999cfdaaaac9a457b5a3a02c2567dfa17314bd

SHA512
f7452f91afe2fbfcb04f80dc7b051d874224de8790bbc53858678332a6b49f7295a15989a587811e1e8fb58a38625ec3e15657d88a367fd50d5b201d7abbe90c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

Filesize
27KB

MD5
dc654d5da1a531fdb3b1bedb619b0182

SHA1
49d3de45bea7c279cf0ffe4cbc43c24779d1877a

SHA256
b395c195a5854253500b3b210e585ec801a47b49ce7b90fa5a9717df387598fa

SHA512
38952929cbf8e103cad50007cb492c93a7feb8d9d1853773883e2771cc97e50d6a514cb6347c912e7945d126a35677cca854ce8542e2210d7e59799238bae8fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

Filesize
154KB

MD5
08b4f74b0f50627fcc78b9a64a990da0

SHA1
496d22d3a2d948fa08f2bdc7a6830181b020e0c4

SHA256
bc27dfa27bc16db968429be818e371a76c263757aa999bdb00fb81e435ac5a20

SHA512
0231fcd6267ddee0f075f8230e9590a19660caada143e7acd21dd6c18e34032595b0aff9baeb0c5fd9124de6a677d1c5f93870a5a0c583dd9034c07933b321de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

Filesize
89KB

MD5
46b7aa4ed2ae68a980b4a4c243ba4a5f

SHA1
4cb18ecbde66e2908dce7b57fce74deaae6815b6

SHA256
1500b653ae66e4e2ea6131cb6fb9c400457d5f3ff6cc6cd6aaabe440424993b5

SHA512
91f92742b777ce3720678567e5dc494e4a8be58eb7173c825713f9aaff9270fe94024201bf160a1691eb8a4457f8cc5b230705e66ae22907a219b06ec8e0932e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

Filesize
84KB

MD5
1b181460e807f7e99048ec3e9f657b4b

SHA1
43ce43652741f876113b55c443f48315193aee23

SHA256
e7b7de3778c52c4d5714cd74ad2973bd64bf8e60a7d5c246d66674be4319c786

SHA512
23487b7fcff4944fa6f254ae9c707809bb1d52dfced32c8502620553982b191e2284d2752be478802d28747d1b8558c5f05bc103a921ff8c6f90e6072d9d51e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

Filesize
20KB

MD5
f6703bf0a4d7569d9f975f677939f3c7

SHA1
3470a0a5015890051f11eedec03aadede5821110

SHA256
935549157a343becd79e0bf4614c11322e0e37d33052c052766eead36f01d6c6

SHA512
8ce3e91e89cca88a210e13928bd578a485fdc6f0443754cf296888525da0c4c24bc5919a5e35d045a8d8effa60a9ed971080ee1a0ce9cb8939f8b6c4d17e0096

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

Filesize
89KB

MD5
25773c76461129ff531e79c488ad2765

SHA1
690e832e6a822aeddf8e6bcd423e349eaabc2d31

SHA256
24c35a06939b0874653c936e1dea752167202abf930da473875e93cb6e97aeb9

SHA512
93f5ec2e3da8fb1294506299251f3b13a0bff72e9d970189f5ecf4938e3aeb30eec84f9c799230ea089c854978018c895400310102a212a6e10b499e65a20f18

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

Filesize
124KB

MD5
ac2643995e3978a79c5ab0982f29bb96

SHA1
a8e8195a8a96ab62d75c5d62229d87b33420decf

SHA256
3777c16917cf3f01f3c91173906993253f1ea5159e37955ad30b70dde44130ae

SHA512
0d76a1ab5d5a2ba1428a749f8be77bc37463a0c69f9382521add692fd949dcbe4e9c3d302018222869efff65100e35e40bf9388ca5afeff99697af3a1866e730

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

Filesize
28KB

MD5
82f5ecea0d36555b3e99f6267a1d71f2

SHA1
0207d91f8383a722b487b97b7481ee92ea9662fe

SHA256
e4fc89a3b03ff4ba4f294e17b55448fe917da61326c3d76e945d7ad0db04f155

SHA512
70d973fcc4b2ac5258f259a26fa7deaa4ff3ab8bd82b4dbaabf50c9ee680bdf25c2454ea7addce081aa6a458915b1c7d861b317ba7b45b361a086a9c1d691d35

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

Filesize
43KB

MD5
5337681d1dff81a4f4f5dca65cbce5ae

SHA1
a271a1ce63cf89555fbee60a4eb8f84b8f12e4f1

SHA256
dc42a734c12a6629ee9e9dad0e12bdbd5c8d2183a9c92d173ea7bc44a5f28b44

SHA512
7bf3b1d76c96434357a94979b470bf5909e70112f119211ee94d2adb8ae27a9f2e0d1d1cfec48d4c985405b9650b05b95971fb4d9e406bca8a3a8ccecd988df5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

Filesize
20KB

MD5
1353af89ddfafdbf9648f1ab86680be3

SHA1
80cfb33c2d62b19d93597781199f0a54e70187b8

SHA256
e43d4b189f04dae087a5fdb46f960909807739ee92329d6ddb1a48dab65b1087

SHA512
be9f346731beaf56fee44981a0d91dacdc83282e802ea0ccdb08be62311ac97c44302e2d1d19154ed1cfbcd97c263cc2c83f1683210658919f192b6719fe6643

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

Filesize
215KB

MD5
2be38925751dc3580e84c3af3a87f98d

SHA1
8a390d24e6588bef5da1d3db713784c11ca58921

SHA256
1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b

SHA512
1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

Filesize
67KB

MD5
bcfda9afc202574572f0247968812014

SHA1
80f8af2d5d2f978a3969a56256aace20e893fb3f

SHA256
7c970cd163690addf4a69faf5aea65e7f083ca549f75a66d04a73cb793a00f91

SHA512
508ca6011abb2ec4345c3b80bd89979151fee0a0de851f69b7aa06e69c89f6d8c3b6144f2f4715112c896c5b8a3e3e9cd49b05c9b507602d7f0d6b10061b17bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

Filesize
20KB

MD5
1e517370dab856f71cc8ab9ed6efc03e

SHA1
41f8518a44bdc2beb7e8ea3efafa75e79b795ed7

SHA256
2276d0d7601175db761384b244100741538e9e59272e7bcfd3949fab5ec4f324

SHA512
7f757cc003f948631aa1c9b1fd33e0c3a7dcafcaa83d1097f69e7113cf108e227e2b37818f432994451f5a50c4866cc072b57578bfc4f6981c7d48244172cd4d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045

Filesize
18KB

MD5
8eff0b8045fd1959e117f85654ae7770

SHA1
227fee13ceb7c410b5c0bb8000258b6643cb6255

SHA256
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

SHA512
2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000046

Filesize
20KB

MD5
2bb242bfd89e2b49e2b7234045ef7d23

SHA1
845db51ae72e25ccd8895c3915f9c21c6bc98ff1

SHA256
a5fa33ede1b14967d581d664ee1269b65b36603caf7e37ec0de63d72ccd3944a

SHA512
131bdc258e74cdcf284423cd196ccb91cd97a2ac617da20edd895709c3b7570ca2b03a5fe10497acf70ee177534ad0ec7eec1843ec1fb366b622636c3ead092d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004b

Filesize
41KB

MD5
e319c7af7370ac080fbc66374603ed3a

SHA1
4f0cd3c48c2e82a167384d967c210bdacc6904f9

SHA256
5ad4c276af3ac5349ee9280f8a8144a30d33217542e065864c8b424a08365132

SHA512
4681a68a428e15d09010e2b2edba61e22808da1b77856f3ff842ebd022a1b801dfbb7cbb2eb8c1b6c39ae397d20892a3b7af054650f2899d0d16fc12d3d1a011

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c

Filesize
16KB

MD5
9c6b5ce6b3452e98573e6409c34dd73c

SHA1
de607fadef62e36945a409a838eb8fc36d819b42

SHA256
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc

SHA512
4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d

Filesize
92KB

MD5
3152ba7cb9d46aab3752c03594e4be7e

SHA1
a98f54ca5530e00f962a94b74865ea1d5d4c6137

SHA256
4795acc8ff7c7ff8cbf52ec08bfdcdbefebe8d500c3d47456bdc33ed337999c2

SHA512
f8256074c07009afc27a710eb9687623697a54318ccff3133281bdb7d075c166a2adcd19f08161ca3c678ac48225d00bbc254c6cef5bf22e01440c7cbeea2736

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f

Filesize
25KB

MD5
7f5ad7804f1c81008a9ba15423b85218

SHA1
1a84954fdee3706b503045647080bc2155af6c36

SHA256
286bd4ad57fe196df689a5089ecfb6b74a2f98b3d7d69ec4202b08b037fb6a54

SHA512
4e5ddcfeb8bd037cfbcb038369b205cbd385ce44b5b3a191b332c969913422375e3942d2f72ce68b36901d905901dc17169d6da5ba669f473d899b0f5df81fee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051

Filesize
45KB

MD5
824cde9feacf845bf5bc2ad620570b7d

SHA1
57f4fb7aaad05817a066bc3715f0dca745b347e0

SHA256
dcfdf9ef47aeb38edf3a9f02a9a15f704beac1d3b0985a90b7bb759fd910e035

SHA512
848776369fae179bcfbb4ad4e4bab2ecff8df2fc22228205e7d68ef0cbd8be3464df00f00853cf4b2b59734314ee286379029cc4f248d1279ef7d5f2a6fbf037

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000052

Filesize
56KB

MD5
9f55c195d4b6f0495ab50d4db755f8a4

SHA1
aeaae76f897574d1b55b1c2948c004023c655e39

SHA256
f5f3780e2c088f1637faaddcffd735017eb864329b617e73a93829a52ae800c1

SHA512
234e414108762310a05223b6535cafdac25238d79e78eb23a390d1e8eb0adf26be49d4df5f9288ec6035490afe60ba7b603388db3e7c56409a675a7a153ce1ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000053

Filesize
21KB

MD5
311b4f580d39bdbde74098081db38a21

SHA1
a5eea3b76122b3df0dc7912d6a1afeffdc8af5a4

SHA256
a196756252d1eb710920e7d7cdf168f7a97d3604a764c19583b296b7e897035f

SHA512
d37f62f7841864dceb305cbff622de0fa14077caa9a0018eec02df011601399166d744ddff58d05a585368d06218cbd521f598418da26f166b510f91ef958e54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000054

Filesize
21KB

MD5
8bda5da1ad9192a20bdcc6d33c260ee1

SHA1
3283fe4d007166545acdd186ae0d6014c62f51b4

SHA256
da019a10628b442bc4832d7cda71ddec1d9d35f5d2fe1183999169b220c69025

SHA512
7b7dcf0daf8c96411f48c6e79ddb2834f074af249d2e9c86f97fb97b3466a7acdd03b8d89c0cbc532b97796a3b667e866acc7ff74de3cf06f21e4612638de434

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055

Filesize
26KB

MD5
e024df2e1a63c4f86df960c9091b758d

SHA1
dae3b6f2dfeae8f435cbfd8d0fbe8ed1fe331404

SHA256
f29be5bb2924838122b0de0ac76295a491a48a3e138d0ea702113df005b06f0b

SHA512
d159409715148d82853a536f472015cecbcc44894a37b5a305857c973d3ade22f04e3673de645ad695a050eb3a0b5d03b79b1e0ac62ef9d3d5b03f97119944f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000071

Filesize
22KB

MD5
358f79e3a81c332dec39af969dc3fe50

SHA1
7a569802bc6eef6ee40a95091b58b1628bc18652

SHA256
f41cc783169cdb514c8fffe73c78690fc6fbfca37ca03a5adc7fc13bff5f5c93

SHA512
f098ed675747169631ca9cab4955a3f253e395569df618f3bba31bc9a45b9fb10f8d716de55e511bde9ca14a07b024fbdf6ed5315463333be00cd58d71771927

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007e

Filesize
40KB

MD5
01edd3416f150654fc8f8f66b84d53d0

SHA1
80d6581066e9258a7309c5c155dc1ab95805d20f

SHA256
d60d9b32affe3f8211037e73f07d5102a211d6865b964686c07a31c598a72dcf

SHA512
9d615c18f6e7e832fa19f988293179aecddbcc58ce201ea993745b1b28b23ea81408b232c57ad630ca2438ace3a4f8a16d1722ea4c7e7e7b36862fd61d37690a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008a

Filesize
234KB

MD5
ad1c700628954f1c1a69f9279e71c19c

SHA1
17719ba875d63b25a2723a9cae756d0cf58d2726

SHA256
3ef62ad0afedd2207724280a05a7dc31fde16bdc0d9f76d58719e2ebb5385aab

SHA512
e738ae2a17541f18a876cdbdd4dbd3fa1a3b29b1972496a9b6011c72116f60416428f6a5876b9e78e8e3070c3eeb8a2a68697aca803cca643f72fd1fcb182bda

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008f

Filesize
18KB

MD5
c83e4437a53d7f849f9d32df3d6b68f3

SHA1
fabea5ad92ed3e2431659b02e7624df30d0c6bbc

SHA256
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

SHA512
c2ca1630f7229dd2dec37e0722f769dd94fd115eefa8eeba40f9bb09e4fdab7cc7d15f3deea23f50911feae22bae96341a5baca20b59c7982caf7a91a51e152f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000092

Filesize
49KB

MD5
c107c51cfe4528231af0bd0b65d14fb0

SHA1
14d634538d16493d43a33785290171bc9c336d78

SHA256
ce331329395cb1ac9c29271b6d3e3f38f1fa53b04c9c576ce40044b74fc1fe3e

SHA512
888e676c2aa461c4b7aea8cd4391d7ce50a9c73d2f14afd088f648f89ba47e4bfe14b7ae641fddec93a619f42d6b0fa9c20bb5ff68896082121354c81d7e6c70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000093

Filesize
633KB

MD5
895ee120ce79f4564e62930bb66fe594

SHA1
7a963ae0ad3fc46e717e4101fdafb216d76cd600

SHA256
6d5fd5b8aefd03195020ea9c0ad2838c006f270668462e92456bbdf10683fb53

SHA512
d6182bbe0aaf0f81a077675c3e819f5513110e97713bc9c920d5f50eaa45478dca7b84033a9a3212711e7ef6d409ebea1c2fae44e99514e2f2e963677d705ad3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a0

Filesize
2.3MB

MD5
d7d4d1c2aa4cbda1118cd1a9ba8c8092

SHA1
0935cb34d76369f11ec09c1af2f0320699687bec

SHA256
3a82d1297c523205405817a019d3923c8f6c8b4802e4e4676d562b17973b21ea

SHA512
d96d6769afc7af04b80a863895009cd79c8c1f9f68d8631829484611dfce7d4f1c75fc9b54157482975c6968a46e635e533d0cad687ef856ddc81ab3444bb553

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\235d2b0483dba8c9_0

Filesize
391KB

MD5
aa76db7495e24a12caf4629e941add8b

SHA1
69bf1f1e7435761407b37c3c795738a342ca9461

SHA256
e294f6d7f43dba74d34433aeccc719d1eacd3e5a68efbc446843c81de99788e3

SHA512
40cf5de5cc219d0eb549cab8d0fa57f4a080dcc64d6de2407938dee963553a70e3cd755e7c2f0aed8556823c7313e159328a01a26b41adab5256035b94d0a958

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4c307b02b4dcc58c_0

Filesize
26KB

MD5
55d235e14a96739366dfe8f05b94063a

SHA1
5bf52b0ed1e906da99d9a887cd64b20cab4b4fec

SHA256
3c3dd2efc25d45419500f6ec5a2abb14bdde1a42c8e15f236e483ea22ac39a61

SHA512
d6b239cf432cc81b8f8b667613db424cf9012be835ce93509f3bf5cb443d0f648dad1c589ae4c3821459fb71898263e149df7e38f242ccc7122af8676adedcd7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6434d3f997be4ec5_0

Filesize
3KB

MD5
b8b66cd9241d49edf46a2eb67faab0ae

SHA1
0ed8dc6f2d72938e65eebff4c9062b41ae641508

SHA256
97d31ef36dc81f6fcbd0d4f464c29ce6f5008d6aced0cd3b636c97cea81091f9

SHA512
65f659d5e5dacd031d34896475fd49e26dbf552e2ca5eccbcf95fef6da78909d72b142f4f2a0c6a1d29e1b2ef4db4ded7ba655527576445d49a4b09b46a23fc1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\805527f81989bf87_0

Filesize
32KB

MD5
db4977ce6bc0e4c20e37060ede0af4ed

SHA1
7ed2c45764471d4a85908f2bdfa4ba8755ad8208

SHA256
a16a997d3ee1f5acb9384484a985ec38cbcfe8fb1759b306fa8f03131a0560c2

SHA512
1ab1eb048f2d68f0cb4c733db20e2c0936b518f7485814fc7cb5d05c43bd16b83f25a3582bac45dfa46e2ab7b80c09280f6a7b746ebc93468424d89e7c42830a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\98ad8c6076bb2047_0

Filesize
31KB

MD5
367e558f3d4aca827151a6534726642e

SHA1
6cd3c97db2c0549b81abf65650624819da168590

SHA256
114cfe290091fb976ae69f1b2a1e11fc75ab930b6ed7f35a061d5ccc744f17f7

SHA512
380b3ead23f0123b75637c46687eb32427a7e31317b660f59281a61973495797a701c90f6380e04fdae5e378de15559a5ba9982e1aeea26f37aac03ec2311c0a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d782f305bb50c377_0

Filesize
300B

MD5
f9a520968066268cc398a5fcc671e623

SHA1
021e46c65ca3ffa55e11a27543d1650a0e026f1f

SHA256
990975597235235eea2122747cb17892a5ab3d4c8c16e7192d76dac51d367708

SHA512
3f592762294039329faf18638e422f82a08012bd3d31f1da0f8eadf4643c6f1d67021fc159f1c49e84cbaf52af6f99eee6ada33ee1bc9fd754defeb2d1dcc850

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
9bb4ec2311a22ba0ec953d482d8c8baf

SHA1
a623b61dc94ae29998189d9fc6f34a8fa883ba56

SHA256
cdd185180d04a056f9bf38a1493407da6101a51f7373a91d990d49f97711a18a

SHA512
5bb6eec56add62c84c3a062b0a346c6d16e2b4cbc048ede602bd1b50127309be8f683813c5e9dcc12ac6dccb573bbfa402c152fd7fd671273942830c73db622c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
499fd95476c0a3a62d28fbd9692c3f4b

SHA1
07e2f9b33cc47ac5705e1af363a6c32ebfa4be08

SHA256
7c0b1b13ef68b0a3918e61872d0152edca7f8df3f9f741004069d81793b39e76

SHA512
ca4594c859f5b65024ad05991cf506918ba3f1116d1d7377b849d1c58c5a119edac521fd4d897d1ca1e8a59bfc78263487f35cb1c82e8ecf84bc99c7741ae0b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
f49c72df4d22ed3a9e8a51be832593ae

SHA1
3977b8a88d566841be86565b785ea69f3192a350

SHA256
ef0453701d966b157e076dea75369967dca98a02f6d9a74477f19a68925e7a88

SHA512
f922b4fe623990b7d9645b602fb3d828fe9a65b00e2605cddefb0bcf6fd427521de8e87b782b0b43678dcbb046e8e976496988df69d925e21ce887c12bb27c2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
496B

MD5
5022b10efc3c6d669ded7960cc594a19

SHA1
a79ad985b345f09f5f4f265ba1867800ab4d3be1

SHA256
a6c395932ed70d3a45247d91c6593b48d6d389a52aa806ad484aef62b63c8e53

SHA512
a496101a7c30b7205f91698eec23c53b52d80a24a2208f3184733b905fd34066163df9688e00856278fc536fd955bcb0d2c62f3561f28718e378a08754c53c00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
19KB

MD5
712b9f3ac96c676478e654cc0d4bc137

SHA1
209debbfd483b4279a32077dd0bf3bd56109d47e

SHA256
fd790ea73b9f22a5ed4a3ba05558883a2b39a4b99cb8c8a96b2e689688c51408

SHA512
9f7b1ec7f3778d6604bf27ae7599f7bbc04194c1cc48a83ce55b4c595aa073ec98f77b540b303bda2e3181a33046f44540cdee580ce58a61eea359dd1a4733f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
17KB

MD5
6864f754c9c0d0b8f147137d037eaf5c

SHA1
85f2f87fe9c67ca373305159f956e4a85c368948

SHA256
edaf193a3d690d68146760eaa9c3e772da9cda82a6bab18429b22cbd52fbd744

SHA512
21fcdf9c676bbd931ca11ff475e5b1eb57fef8d8d0d9ff70d876fd8cdd515a4bc8d9d1d75b24116089f0a55192bb3b8f20f3a17190dcc6128327526bafd69ad8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Platform Notifications\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c7e2eb64bedfaff89b2c45a8405e80e8

SHA1
3e1ada9aa38a3e58d41362a60c43082b679d5158

SHA256
0d091f9301141dd94e4b9ad8516c83e3ff6ef5249db7ed669a79fd323bb3f64c

SHA512
bde18c784ac9e9804b242e4baf3d95cef26421e8e20121231037147f7e33dd7f8fb62e1de4b358fd2f5fa9db219877faea9f7df092bf19eca3c389c98d63da6e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
e1e658f4476124f9c32368a1554d7e83

SHA1
8b7778724d12df96eff2fa95680d5e387af49b77

SHA256
fcb4dc75c0fd0d5a845952f3580a55e58600b2bfc840c7c0008ca10866251af2

SHA512
4336d43ea99232ecc27729d251c7fd95fe2c5fff1d46c905be8cced2b4f29e203e17740e5ea2df54af3c2188909f7b621fc3d560a25b33326d131f1d6eadad79

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
95b2aedcf2bb8939a961d5c3352f259e

SHA1
bf1723c9f89c88f923bd4f2edd0393aa779cd799

SHA256
154813108be94b85c07259d7658f99b34327575de4cb820682163ebfd07bca1e

SHA512
d5f05a75dae0ba28bd677d9170d5b12a501c40af762a4e135a9c31123bbd2d5f00a5405bfd24eeb117ed86f85e386c760886d766ef18ec58c13c6a15c64a1ffc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
b1528d6328ed980a3fec215c0b6c47d6

SHA1
2efc02bb01933476f73367f7cc5bd70d0eb80e85

SHA256
251aaa05560792bed0586639f9d6002c30078be4150a0a6cabfd25fb86e21db8

SHA512
bdf39c3e71ce7189f0f467666853c2e0b73fbb12eb9d83b7e219cc2588a0d257bb9049c598d8c45254555439c84288813c9846c1e9b04b0df24ccef4784dfd85

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
3aecbe8a268390b12997fa11a984ef89

SHA1
d65967c47259d35ee67bfc450ccaa43dce447ec8

SHA256
188fb2d8afe8aa63a77622af5a4a42ddd115f3ec0e604de68daa14f27e0567ed

SHA512
cff39773ea0ac0fc5dd18f813bb1218a60371f3c3be7c42e904308c2a5fcce74503c73dd47e0a98f1dfa50102a1d9921631b07abb8f5a834ec9b4baaa110151d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
7076ca799fbdd281695479868bf6200a

SHA1
60068de1db4eac3259873f0cf8c3b48ca88ba735

SHA256
8f7fd5756b303a319bc442bd832d0e5e52854492274d924a22151786682ac71d

SHA512
4bf21d0914971147639fccb34805acd45dbf2327d9b1584526a8be8745feefc73f5621180e41e9f4214382fd22f24084cc477af0f8291ddb4026b375186e0124

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
6eab3d8e4aa14bc317aecbebdc9f0c3f

SHA1
ae0d7c2dcbc1e8a27f792a3f185d7f90bc860342

SHA256
bb65734c1ce4d7b971ea8d2cd06483e5fd4e0aec2c38a4b7bee71fc99aad31f8

SHA512
1dab0ee6c44a9672bd62d95bf74b26770652f0ad5b5df48b7bb808232f969a9fab29ad99a3e5651045a07c2aaef7470fcc4129e54a1b0e62b510024fcfdc1cf5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
580ce4180449400c86cee6f90eb5fb0c

SHA1
e72b732f088ee538344621724cd1ed2f143bade2

SHA256
b21d3fecf504134160b39644afadd7dad0bbc3696ee04c66d3c0506786b5ee9f

SHA512
79eeae67c7526a3d4099a04a4b6d1b9458a0f9ca89c62f2a8e090775f3382c889e69914389cc9964d0b284788efd9e0fefcf9ae00243ac7a4374e6a452f7f663

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
2fc5f79ace38e21d9373a5297fe18460

SHA1
e391685973d033c609fe9899f6470f2275dcaf4b

SHA256
8b25be4594c6c97c8de16cd565999ddde3f895c8227926054f5bf8767586bbb1

SHA512
22391d37c973004367e060cd783585d5a52d1386eec4d149fa684dc1fb40242b74a80e5f925297717b667c3f022227c404ed8abee30ef0ce7af3acb1cf609487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\12842c30-51f0-4849-ae7d-278d6d3dec80\index-dir\the-real-index

Filesize
624B

MD5
8173c5387d61929bb68829ef4d06493f

SHA1
106f1fe481407513870a00cfb9692059b334ffc9

SHA256
8dd72dc84a1995fd5292af447240e11c458d6da32efb20372682fb0e5297d32b

SHA512
ab27faf91df7c03ed44d27ea63a7f51dd1f2955f07fa0fbf13299e04cccc6e471ee34f51aca9e0e79765ac311a43d9777dd52138de07a5c9b8d8329aa8de86a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\12842c30-51f0-4849-ae7d-278d6d3dec80\index-dir\the-real-index~RFe5ade1d.TMP

Filesize
48B

MD5
467553abefeedcc1175160e97e67dc80

SHA1
c8d2c0929eb73d70c1f91ff8d9d1afa3f6abaf9c

SHA256
3ab85440afd24d99cf09dc9024e313aedf09f3991894c8b7f470deef59e92b66

SHA512
2c939ea1bfbf3eac3b5903ac2f673f8167ccd695159053350df41909d25a7cb40caf1a0a48cb1e2ff5776c8540dea1f889b5ee28bcac4d15976e6c6588614a76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\7eb8d335-c42c-480a-9e62-d5c7b54dfbf7\index-dir\the-real-index

Filesize
2KB

MD5
cee40217cd24e2bc0001f00581368988

SHA1
70d3f5134f9c545df613e9cc123a068f76b8ba69

SHA256
bbc19626e569cadc867c9243698f8a13fe4de79365525c0776db6d2ef4e0a11c

SHA512
0da1938b26c080a0b2acaab2775ab6fc15034da7553e32d14b801688c7648e6fc115797a4c2b0e2ef45853a59c9148bb90371cb889815de683696cf70519a2a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\7eb8d335-c42c-480a-9e62-d5c7b54dfbf7\index-dir\the-real-index~RFe5a8473.TMP

Filesize
48B

MD5
0177cbda4c26788807f143f117f9c087

SHA1
219b059ec3faead3d4534708f318bcaee1792a0c

SHA256
f24c955db363311f37e687de7097775f669d2bf13f66694b08af5fd33e13fbf3

SHA512
79f0b935110f632255274ef89f58a351b708b7339ea1c14f92fd83ea8a3fd75b5a5e4ed31d6bdd700e1bab7685efa81b0ac3e914453a6ca397300c13c4881b4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\aeee172b-665b-41e1-85ef-9a350bc6e296\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
89B

MD5
ebffbefa72b71dd5194dfddf7384f7ad

SHA1
84b5fe30fb35f22a95a779191303aeb61d4e4178

SHA256
09d7b9c1e5811956f6b6ee43a38418a50eaffaac4dad38dc590634513e934069

SHA512
c5d9c96c3d3b5527f7493a05ccc2e2416c8f79b8c92d7cb95b2f1a7b0ba988c342191e22cd01b71ca177542c0ab8aa71d0ca9ea9fc641dc23b8a826bd209aafe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
146B

MD5
0898fc206399f6f4e08c8a0b0fe1ba96

SHA1
978eb28c1cd681610e79cdb936c0abdee3428c8f

SHA256
ef1e77f49137921bfef3884a886a3d5f7dc8d3319609b07bdfd5bb9fdd9e1f4c

SHA512
295ecad76e018dde0bc335ae99d2322eaca3ac811413c6afb8dab6df671e00ca8c8a755b4ca9f2feb7be57a0820492f580c1be9eae66e73fa007411c3b1524aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
148B

MD5
5114fadc7a439e97a3e865990ae06a63

SHA1
dfd1e39b3382d61a81394b318b8430a12352bb51

SHA256
dda0a5a1bdfddd0e7891ee4b79a36a4e881cfb28fd54a2666683254bd07e15e9

SHA512
dd58276161be24d8cab0f20e5802c016cb07be631aed6cabee1f7c46cc732f9a89b808c59b311d37f09ddf6320cbd16e979efa360e293da412d1903636f58311

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
157B

MD5
cc873f36c907e3b073ed2f283ccf5b0f

SHA1
58c1c0249d0624268dd5d23b63285eef668f9c5f

SHA256
ff52459c9392ba1530b97a7a93eb82153e3b35ff0a9f99cc1969538ac9a586cb

SHA512
4d5e7de88f9422cd70683453166655cb0713de1db188a83e6420601d838f7f3252b83a1ef40f8b3f4301541b8f2a7f841ebf1155b6859a2084da49f3e1d37396

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
82B

MD5
122e0a47cbd4da2cbaa5f23fe2bcdd8f

SHA1
8b13db67889bc89320337849ad66525a5be987e7

SHA256
4d88169e14e63af0b4b4c43ae1a680dae80221ac9c417e2bc7104486b7da5bc1

SHA512
6b00f3f1492758083a788d976904b0d1a3a67b2b54c8a33ba872fa90dfacaf148b70abd1f86bb3feff5be47bd0ea498bdcb0937614ddb8d5c62001938de153bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
153B

MD5
79189269438b7d249d7154f7b03efc26

SHA1
89618c28bbf278566f7a2f708c2e497a83c5b367

SHA256
009ae9fb93787cee3ccb9604028b1063252950c845bd7b019f0f949b5976edef

SHA512
5c8ce9b61c39c16037810d53bbb02acbdf0c7c327a50ce93e1d4b08f21179f672e706af2dde1c8b8b4611a85bda349a6759c68f9e6dacb2b99c323fb5eb57cd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
84B

MD5
7d0d27c2797501bd665d03ca07bd0186

SHA1
0d2da71bbf83db1891654c61d69cb1f4bce18965

SHA256
826bd04d7865d0b8d6a6450b7cd2154ef6baba86143da47f0679c0fc440e3a75

SHA512
cbbe2d5be5baa1f8a195f80e3cbe9a7575086fe82938ec8729a8d6fc5bbe2fe16c3837d12d11c2b1c768f6f11939a0ba8b7968424d34220258792e20bb809712

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
d95ea2839581cbdd60a685ae1a0965e0

SHA1
8e1750273a94a397c6847da6bf3dd7b72245da3a

SHA256
acfedcf6c6a1d19ddefbe1ceb9c839553bcd793c0c76712289eef442deaa436e

SHA512
04e6c0b1b24080e2bbae753ac4afbaef45334e5236050a9bf83843ad50a0bda380a1ff7c70a06d0b2925274b6ef6937ca89060e44f065389ee6ae9220d5bf733

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
144B

MD5
31bc99ef1cf01810001c4bb6ecf42cfd

SHA1
a12e05e69c48f19670530428e54399caba444392

SHA256
e1f6b8ed561e4a8a728a47ba8197a9b1ec4fd077cb274633e6fc296cd9bd98de

SHA512
c11d2f994c3c7e7cdb083903153fb080c970e873ffdc249a0ffc14af5ccf9c6d360784cc69eec9ee54d580b9d6d897f38e88f0a13a1d4aca82c38d42b87e118d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5a0dec.TMP

Filesize
48B

MD5
167cc302a5f5262717703b4af74feec1

SHA1
1041e1a3ba72b277d749ad84e76b61d51d00f1ee

SHA256
bbdafc1360f19e553744385e23d20ec57ea6fea03df9401b2f533afff8cf1e8f

SHA512
dba73aa1c6aa34561972938ff0bd802a3a9ac24a57027cc659fc663f4928fa16c63fe0a16a6e26c3eb828e7fcebf5b6bfe71cb8f623473b519d7eb8998720146

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
ae7d8b2326e8c6cd723c17e146085cf4

SHA1
c33e0ae14f2a28a65f3ecca7fe4eb1ea314882be

SHA256
e310eeda5129eb25f7d1443a5eef4c0daea6d31e72be624dd494cd194996fc83

SHA512
6c9bc2f7fa191aafc20dd4c3f2457cbd6be5bb7bee2706821ea7eb3596dc7dbdc2081625069d89537eed50949039d23d692e151f31d54eb23d9359bbf6b8e01f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
e803c75c89b4e531cfcc651a5cb6b617

SHA1
c17b703be378894472b7bb56cd27b8b21ca2f8d8

SHA256
db29eefd6b581a0c100e6819880414cd12e5b84406ef4bf9afe0dc2184102429

SHA512
7c47431b4e99bf785860e980fe26b05a16fd3b050bcc900b3983596a7ad2e0f30a46aceaa1b122da238f4ceddde77192a7c842841adb9cb5582ef5afb858d7f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
4ab5900406d836fc1bf1101024a4510e

SHA1
58c522184b55fb7eff8d189a145d6b12c90bfd52

SHA256
af16d868bb1cbd9287b3112d7a3f6ba0c314c803f38354524501f20e4449c1ee

SHA512
cfb0fb83facb8bf54867eb7c6b13090e0e8b761cbe368c24fb46c3b8b5d278d68026fc87e44e6c924e87a4586662e6d17f7aca460cb03d7184e6ef425738a80c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
59f0f9f74b709620ff42d2145196963f

SHA1
8f4df7f0ccfa31219873e0022778c3f34894fe4b

SHA256
c9222d83f7e466dcd15a02ead420b63d783ca50137c73bbfcf513ba46070f6a8

SHA512
87fb59d3bb8e1c1038ce1e6654af39901ee658b3ee4d2068e43228eb25a4ea79da9b8dfe52e00bbc05dc8895c9523ebbfcebe41b2c81c1605c8601c9f1df1f0f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
53792029d6498d4672bb508426aab1e6

SHA1
e32b0486e5587987a438067f4647108897d41d3a

SHA256
4db20bc478666975409bd5a3b774043f2271afb08de5f7fe135e0b2ad0d76530

SHA512
0c45f190e488788698cab4f7c2c52685a5b8e077455f0207dc1a030ffe3b19761768dde213c5c6d41ee98cc9913a7a34c2a00d32ba7b0b23aeaba3e16750139b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
1531ab902ebbf9bd4f03abedba58675f

SHA1
940ffc03eeb9863ac6e07ba427a0d89fda69d9ce

SHA256
5363db75d4db74c23a28a5f5effdd0003209ce1fe3646c4a29bb2436399ab53b

SHA512
30ee71ccd2cdb10b4d73488041589d4af76331a0f8cdb7f4ae77b0f44d6be501103662b654013dc957ac2667585ca3e527cabac7e9e3d0a0cf5e1a964f11edc3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
0c4096ce63a3a86c819588cc1b87edf9

SHA1
d164f6a2ad5ee440e8fae5b0badfb777a6c3625c

SHA256
b5ea83f92474d7a281d8fbda81f0056e7416bdbb7ff120e327b9ba00c3dd50bd

SHA512
96c614ed68b4c71e81f0040c4b3bc2bbfcfeb14f862131aeaaaf81a0d817a103989430351d4439106712972775fcde693e162ef2c376457586da0f5286a38e88

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
142ac6605ab3c415a60b311a4a25185a

SHA1
3e53b7ff57f1f6df497b93827985684e48ce5f3e

SHA256
830a34b7a9fe78c2111d1e3c07472504d21e579458c65baf1a5ad96c5b37a375

SHA512
0a7b799854f07956f738ad8bb70293e7adec73ed5182b783c2455a65eafa4850042c67983a08dd86dc7b7fa3e325c132c19149b93c332c7282b377a91dc8ae20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
864B

MD5
5dcd37788022191f666aca551d35dfb7

SHA1
1a9be14287c70aba78602b158b20fd02bac17174

SHA256
cdd78fb51c0572ce2b1792be3585bd16ccee9d9afbdecca95f3c324f79c883f1

SHA512
c298c170b5b7f2edd12a853f01b01c67ebea42dfb834dc535e7e4e3b9db7a5a240dfa048eee7bb350c5b0f0f528c2276809b5b1c9313548bb47e30acc9199252

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57de0c.TMP

Filesize
864B

MD5
4c0d839e4f120ec35adc0b116bb124bc

SHA1
ffa6c11b50768374b2c283119418d513742e7c43

SHA256
941fbf5a7cbef9c6d3bd71d5ba50bdf69d7233fba366716f64edab78c0969343

SHA512
b70bb1202ebf2440d4b1d6a3f8a9288f2ad16769f872032a32f2e14fa5d6ac7b6ed3576d6b700675370c29613d56890e1578feed25444385d8dab98ef8ae80fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
7b570a9239c843d2ed2309f76d650a83

SHA1
6423b610d198b5d66a9cd0e9e7c3700758c7a444

SHA256
416e217bfad58410ff94ca9673075a393e8ce939a07fcb057142d5063031b3d7

SHA512
8b0d04ad8afe4f6082056a2b2c3e0d2424da293cc3db3a58c1c58fbddd571317685d9cf11c399b87c6f20d7cda939b4c7ab03f383460ee3fae909ee51d567f44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
60a5e1ab9e4256f0aa9fe36f71c6caf7

SHA1
f5ddf34654756cecdf47d94f1205e77cf95d80a8

SHA256
2c57e81e0da7a0f3003a596980da171f41cfc1dc4a8a32a935d4fff8059b45c7

SHA512
f9f7ff775dd2c5322f6db4ceed5ce1ba72db71a060da9bfd3ca9a74585187729a9b29290ba5d3de664eab178d6e56f720efaad33b80f090a5214a50e25040eec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
8766a1de83106fba4732fb90c6c20b02

SHA1
340b7387c99cb745186d3fda43f23a2b198d0743

SHA256
e18a99254576e78700a0f79b943b8a685f7293f865725da36342b7b3d8626e78

SHA512
4bfaba53d52983f3bfc588e0b7d8cd77a5ad017dcfcc97829cf6292663dcaa5f81a7ae6363fad4f2d93b52a84e25ce29d5a398c1f4932978e101257b1bde37b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Filesize
53KB

MD5
fc3efe479324410856822cfc06454fb1

SHA1
684ade4167a5bb9d788d8b50fffaea72bf5b2b32

SHA256
956cb9889287a1bfd31f462a9ed76f67c3be7310cff4bf3f148968069f82ea0b

SHA512
c06a323aa7691641ddb51fe245c4dc4495b500a02759bb87c1f8e685d6e71854aa26f926294512c434c5d171372190d8b6d3a60f866d05c6b3c0d6f75dc439a5

Download Submit
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_vyv3l3as.jds.ps1

Filesize
60B

MD5
d17fe0a3f47be24a6453e9ef58c94641

SHA1
6ab83620379fc69f80c0242105ddffd7d98d5d9d

SHA256
96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

SHA512
5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
11KB

MD5
76c9b9bdb0eccc31912f374976767a92

SHA1
d37920ff724be5205e9f0c36d4fd74a4e5ee6cab

SHA256
ea4170a5238c1464bac19b4a1bf825d229ef610387f8276329cf3194b4024d09

SHA512
58c378a85527b913ebd42dcc754589a0b3844bdffe63342374755d16517ede77c130e382a9acf35942af59291840a8e4e5f0552ee670c45b5faae05d9398fa98

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
11KB

MD5
9cd25dea3368c5bc13c4530a38fa5ad8

SHA1
55340ec347346e5403ba9a566bdda4b063f8fd2a

SHA256
2687807a7437ac5c6dc30546d14defd400960ed1e27a158dd1d8603696bfea28

SHA512
3d67b10a7025ea976990c663f903366fa4215143e3c938c3cad91766c1db1a67163062641bb073309568cab709e2e222752d8cef5584d56813aa87d9750e0aec

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
293c724b72458ff85b9d9d5b2f8fe61f

SHA1
77e35080bb4a7796d75a032d1a9e8b5a5149a1f1

SHA256
b9f90fcff25d0e00e167d096afd58af23f995ed6cbd17f53114256ec791614ff

SHA512
5e69def0b0ddb8ecbe396e96d2a0c625e875714a67bf8890621d4b91c4d8c9b994fd1ae032a141c34ae487e130c35295ad419260a0adabad14044ab3c1c334c6

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 408470.crdownload

Filesize
24.8MB

MD5
04328197a074736ced79bd03337f889f

SHA1
fde76673b7521c2686805017b91ca0005db5fab6

SHA256
88ad2e0eabf0179c3d8bbc20a27dd2eaf9a1a23a93c3d344c8d2ecc7dc478054

SHA512
acc5fefda6676e6d6e93683e1cdd647971470edd77fd54ed914a1a45beaea2f70aec18cd9d8d4077ac91942019d570724c5a79d7fc87876da72a04457d89a79c

Download Submit
memory/396-277-0x0000029067BC0000-0x0000029068BC0000-memory.dmp

Filesize
16.0MB

Download
memory/396-304-0x000002908FFB0000-0x000002908FFD2000-memory.dmp

Filesize
136KB

Download
memory/964-2694-0x0000000140000000-0x000000014013E000-memory.dmp

Filesize
1.2MB

Download
memory/5668-2680-0x0000000140000000-0x000000014013E000-memory.dmp

Filesize
1.2MB

Download
memory/5668-2681-0x0000000140000000-0x000000014013E000-memory.dmp

Filesize
1.2MB

Download
memory/6756-2692-0x0000000140000000-0x000000014013E000-memory.dmp

Filesize
1.2MB

Download