Overview

overview

8

Static

static

3

fcd1cdfe35...18.pdf

windows7-x64

7

fcd1cdfe35...18.pdf

windows10-2004-x64

8

Resubmissions

20-12-2024 21:57

241220-1vd23svrbr 8

18-12-2024 19:52

241218-ylw57azrfn 10

18-12-2024 19:51

241218-ylabeszrek 3

18-12-2024 19:31

241218-x8fw2sypez 8

18-12-2024 19:27

241218-x6k3zsypaw 3

18-12-2024 19:27

241218-x54hyazlfn 3

Analysis

  • max time kernel
    1055s
  • max time network
    1056s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-12-2024 19:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fcd1cdfe358c3b7c95e10cf72dbf727f_JaffaCakes118.pdf

  • Size

    93KB

  • MD5

    fcd1cdfe358c3b7c95e10cf72dbf727f

  • SHA1

    7c5c487471db6b1702085fd880a931a819baa264

  • SHA256

    d95ae7b09fc599fa5ef99c04131117f9b8f9432b3b4aa9cf8492535f8d71ceae

  • SHA512

    30ca7a429aa4b1b3a877c6b8b83e3f957c2cb5a7a06d2ad63e0be5e85ade27f0d3255d8c0c671150013c01546369052882f5db77997f3980148a8b7a3a47caa6

  • SSDEEP

    1536:UHedaEV1N3QjlwBgiZDASIKwJJYut9OLod6/d3Vb4fcXwWx+7oRW8pO+W/O:Kedai/3ywBgirIBL1qd3VbrXp+7ow+D

Score
8/10
discoverymotwphishingspywarestealer

Malware Config

Signatures

  • Downloads MZ/PE file
  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 19 IoCs
  • Loads dropped DLL 29 IoCs
  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Enumerates connected drives 3 TTPs 4 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 11 IoCs
  • Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs
    phishingmotw
  • Network Share Discovery 1 TTPs

    Attempt to gather information on host network.

    discovery
  • Password Policy Discovery 1 TTPs

    Attempt to access detailed information about the password policy used within an enterprise network.

    discovery
  • Drops file in System32 directory 3 IoCs
  • Drops file in Program Files directory 25 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 64 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Modifies data under HKEY_USERS 42 IoCs
  • Modifies registry class 5 IoCs
  • Modifies system certificate store 2 TTPs 12 IoCs
    evasionspywaretrojan
  • NTFS ADS 1 IoCs
  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 54 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 49 IoCs
  • Suspicious use of SetWindowsHookEx 30 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k netsvcs -p -s Schedule
    1⤵
    • Loads dropped DLL
    PID:1220
  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fcd1cdfe358c3b7c95e10cf72dbf727f_JaffaCakes118.pdf"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Checks processor information in registry
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:924
    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
      2⤵
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:2464
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=6FFD2FA2BDB881BE64AACF90E55D7AF7 --mojo-platform-channel-handle=1740 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        PID:1004
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=EEA56A5B48755F35A4F4E0917856EF60 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=EEA56A5B48755F35A4F4E0917856EF60 --renderer-client-id=2 --mojo-platform-channel-handle=1748 --allow-no-sandbox-job /prefetch:1
        3⤵
        • System Location Discovery: System Language Discovery
        PID:2832
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=247F065EE7C73CB7DD3217826DBBAD64 --mojo-platform-channel-handle=2308 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        PID:1824
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=5BCDA5D2B3EE1AA9806A44E3A9839486 --mojo-platform-channel-handle=2404 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        PID:3584
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=44CCCBD85FC07887069FF80A51B990D0 --mojo-platform-channel-handle=2348 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
        3⤵
          PID:5020
        • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
          "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=71BA3D4D250DF9B6D667CDF8052FC906 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=71BA3D4D250DF9B6D667CDF8052FC906 --renderer-client-id=7 --mojo-platform-channel-handle=2388 --allow-no-sandbox-job /prefetch:1
          3⤵
          • System Location Discovery: System Language Discovery
          PID:4728
    • C:\Windows\System32\CompPkgSrv.exe
      C:\Windows\System32\CompPkgSrv.exe -Embedding
      1⤵
        PID:2992
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe"
        1⤵
        • Enumerates system info in registry
        • Modifies data under HKEY_USERS
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        PID:2828
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffb3fa4cc40,0x7ffb3fa4cc4c,0x7ffb3fa4cc58
          2⤵
          • Loads dropped DLL
          PID:2516
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2040,i,7349899658136223928,9809885512362734023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2036 /prefetch:2
          2⤵
            PID:3220
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1960,i,7349899658136223928,9809885512362734023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2184 /prefetch:3
            2⤵
              PID:2992
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2320,i,7349899658136223928,9809885512362734023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2020 /prefetch:8
              2⤵
                PID:1536
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3192,i,7349899658136223928,9809885512362734023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3208 /prefetch:1
                2⤵
                  PID:3000
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3228,i,7349899658136223928,9809885512362734023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3304 /prefetch:1
                  2⤵
                    PID:4060
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4624,i,7349899658136223928,9809885512362734023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4636 /prefetch:1
                    2⤵
                      PID:3432
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3872,i,7349899658136223928,9809885512362734023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4872 /prefetch:8
                      2⤵
                        PID:4444
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5068,i,7349899658136223928,9809885512362734023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5040 /prefetch:8
                        2⤵
                          PID:4288
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5224,i,7349899658136223928,9809885512362734023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5140 /prefetch:1
                          2⤵
                            PID:1044
                        • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                          "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                          1⤵
                            PID:4048
                          • C:\Windows\system32\svchost.exe
                            C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                            1⤵
                              PID:4368
                            • C:\Windows\system32\svchost.exe
                              C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
                              1⤵
                                PID:372
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                1⤵
                                • Loads dropped DLL
                                • Enumerates system info in registry
                                • Modifies registry class
                                • NTFS ADS
                                • Suspicious behavior: EnumeratesProcesses
                                • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                • Suspicious use of FindShellTrayWindow
                                • Suspicious use of SendNotifyMessage
                                PID:3712
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb316846f8,0x7ffb31684708,0x7ffb31684718
                                  2⤵
                                  • Loads dropped DLL
                                  PID:3080
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2
                                  2⤵
                                    PID:2748
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 /prefetch:3
                                    2⤵
                                    • Suspicious behavior: EnumeratesProcesses
                                    PID:4804
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8
                                    2⤵
                                      PID:3264
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
                                      2⤵
                                        PID:3908
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
                                        2⤵
                                          PID:1456
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
                                          2⤵
                                            PID:2488
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4624 /prefetch:1
                                            2⤵
                                              PID:3400
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3636 /prefetch:8
                                              2⤵
                                                PID:4080
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3636 /prefetch:8
                                                2⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                PID:5156
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4300 /prefetch:1
                                                2⤵
                                                  PID:5852
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4352 /prefetch:1
                                                  2⤵
                                                    PID:5860
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5080 /prefetch:1
                                                    2⤵
                                                      PID:6092
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4300 /prefetch:1
                                                      2⤵
                                                        PID:5292
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4048 /prefetch:1
                                                        2⤵
                                                          PID:5536
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
                                                          2⤵
                                                            PID:5656
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
                                                            2⤵
                                                              PID:2568
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
                                                              2⤵
                                                                PID:1080
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
                                                                2⤵
                                                                  PID:3512
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1
                                                                  2⤵
                                                                    PID:2400
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6436 /prefetch:1
                                                                    2⤵
                                                                      PID:5984
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6916 /prefetch:1
                                                                      2⤵
                                                                        PID:5652
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:1
                                                                        2⤵
                                                                          PID:3620
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6840 /prefetch:1
                                                                          2⤵
                                                                            PID:3932
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6936 /prefetch:1
                                                                            2⤵
                                                                              PID:1144
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6944 /prefetch:1
                                                                              2⤵
                                                                                PID:3024
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7376 /prefetch:1
                                                                                2⤵
                                                                                  PID:2336
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7300 /prefetch:1
                                                                                  2⤵
                                                                                    PID:5824
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
                                                                                    2⤵
                                                                                      PID:4192
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7960 /prefetch:1
                                                                                      2⤵
                                                                                        PID:2324
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7996 /prefetch:1
                                                                                        2⤵
                                                                                          PID:3404
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7832 /prefetch:2
                                                                                          2⤵
                                                                                          • Suspicious behavior: EnumeratesProcesses
                                                                                          PID:5388
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5384 /prefetch:1
                                                                                          2⤵
                                                                                            PID:4920
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
                                                                                            2⤵
                                                                                              PID:3212
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8004 /prefetch:1
                                                                                              2⤵
                                                                                                PID:5564
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7896 /prefetch:1
                                                                                                2⤵
                                                                                                  PID:3220
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1
                                                                                                  2⤵
                                                                                                    PID:6064
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3092 /prefetch:1
                                                                                                    2⤵
                                                                                                      PID:5144
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
                                                                                                      2⤵
                                                                                                        PID:5536
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
                                                                                                        2⤵
                                                                                                          PID:5772
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7408 /prefetch:1
                                                                                                          2⤵
                                                                                                            PID:2132
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7852 /prefetch:1
                                                                                                            2⤵
                                                                                                              PID:5976
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
                                                                                                              2⤵
                                                                                                                PID:5044
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7484 /prefetch:1
                                                                                                                2⤵
                                                                                                                  PID:4316
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
                                                                                                                  2⤵
                                                                                                                    PID:5320
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6688 /prefetch:1
                                                                                                                    2⤵
                                                                                                                      PID:4788
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7824 /prefetch:1
                                                                                                                      2⤵
                                                                                                                        PID:2812
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8204 /prefetch:1
                                                                                                                        2⤵
                                                                                                                          PID:844
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2072 /prefetch:1
                                                                                                                          2⤵
                                                                                                                            PID:5260
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8500 /prefetch:1
                                                                                                                            2⤵
                                                                                                                              PID:5668
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8428 /prefetch:1
                                                                                                                              2⤵
                                                                                                                                PID:5348
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8824 /prefetch:1
                                                                                                                                2⤵
                                                                                                                                  PID:776
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7692 /prefetch:1
                                                                                                                                  2⤵
                                                                                                                                    PID:6020
                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8484 /prefetch:1
                                                                                                                                    2⤵
                                                                                                                                      PID:1672
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
                                                                                                                                      2⤵
                                                                                                                                        PID:1008
                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
                                                                                                                                        2⤵
                                                                                                                                          PID:5660
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5908 /prefetch:1
                                                                                                                                          2⤵
                                                                                                                                            PID:5940
                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9088 /prefetch:1
                                                                                                                                            2⤵
                                                                                                                                              PID:3752
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7524 /prefetch:1
                                                                                                                                              2⤵
                                                                                                                                                PID:5916
                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7912 /prefetch:1
                                                                                                                                                2⤵
                                                                                                                                                  PID:6132
                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7856 /prefetch:1
                                                                                                                                                  2⤵
                                                                                                                                                    PID:5696
                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7172 /prefetch:1
                                                                                                                                                    2⤵
                                                                                                                                                      PID:4444
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7364 /prefetch:1
                                                                                                                                                      2⤵
                                                                                                                                                        PID:1176
                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7296 /prefetch:1
                                                                                                                                                        2⤵
                                                                                                                                                          PID:3240
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6540 /prefetch:1
                                                                                                                                                          2⤵
                                                                                                                                                            PID:5756
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:1
                                                                                                                                                            2⤵
                                                                                                                                                              PID:6020
                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9148 /prefetch:1
                                                                                                                                                              2⤵
                                                                                                                                                                PID:1436
                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8512 /prefetch:1
                                                                                                                                                                2⤵
                                                                                                                                                                  PID:632
                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5852 /prefetch:8
                                                                                                                                                                  2⤵
                                                                                                                                                                    PID:5140
                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6648 /prefetch:1
                                                                                                                                                                    2⤵
                                                                                                                                                                      PID:4328
                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8488 /prefetch:1
                                                                                                                                                                      2⤵
                                                                                                                                                                        PID:4736
                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3092 /prefetch:8
                                                                                                                                                                        2⤵
                                                                                                                                                                          PID:5732
                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
                                                                                                                                                                          2⤵
                                                                                                                                                                            PID:6008
                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1876 /prefetch:8
                                                                                                                                                                            2⤵
                                                                                                                                                                              PID:5852
                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7760 /prefetch:8
                                                                                                                                                                              2⤵
                                                                                                                                                                              • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                              PID:3292
                                                                                                                                                                            • C:\Users\Admin\Downloads\Delta V3.61 b_55124356.exe
                                                                                                                                                                              "C:\Users\Admin\Downloads\Delta V3.61 b_55124356.exe"
                                                                                                                                                                              2⤵
                                                                                                                                                                              • Checks computer location settings
                                                                                                                                                                              • Executes dropped EXE
                                                                                                                                                                              • Loads dropped DLL
                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                              • Modifies registry class
                                                                                                                                                                              • Suspicious use of SetWindowsHookEx
                                                                                                                                                                              PID:5216
                                                                                                                                                                              • C:\Users\Admin\AppData\Local\OperaGX.exe
                                                                                                                                                                                C:\Users\Admin\AppData\Local\OperaGX.exe --silent --allusers=0
                                                                                                                                                                                3⤵
                                                                                                                                                                                • Executes dropped EXE
                                                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                                                PID:3876
                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Temp\7zS42FE5426\setup.exe
                                                                                                                                                                                  C:\Users\Admin\AppData\Local\Temp\7zS42FE5426\setup.exe --silent --allusers=0 --server-tracking-blob=MGJhYzE4NGY0ODZlMjg0NjllOTQ2ZjBiOTlmNDUxMjg2MWYzM2M3OTdhZDA2ZTE1MWUyZTI1YmJjMTM1MTRkNTp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOiJvcGVyYV9neCIsInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yP3V0bV9zb3VyY2U9UFdOZ2FtZXMmdXRtX21lZGl1bT1wYSZ1dG1fY2FtcGFpZ249UFdOX1VTX1BCNV8zNTc1JnV0bV9pZD01OTQ3NTE4MDI5ZTc0MDZmOWRhYjQ3ZDIwMTY4OTU3NSZ1dG1fY29udGVudD0zNTc1X0ZpbGVETSIsInRpbWVzdGFtcCI6IjE3MzQ1NTEyNjEuNjg1MSIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNC4wIChjb21wYXRpYmxlOyBNU0lFIDcuMDsgV2luZG93cyBOVCA2LjI7IFdPVzY0OyBUcmlkZW50LzcuMDsgLk5FVDQuMEM7IC5ORVQ0LjBFOyAuTkVUIENMUiAyLjAuNTA3Mjc7IC5ORVQgQ0xSIDMuMC4zMDcyOTsgLk5FVCBDTFIgMy41LjMwNzI5KSIsInV0bSI6eyJjYW1wYWlnbiI6IlBXTl9VU19QQjVfMzU3NSIsImNvbnRlbnQiOiIzNTc1X0ZpbGVETSIsImlkIjoiNTk0NzUxODAyOWU3NDA2ZjlkYWI0N2QyMDE2ODk1NzUiLCJtZWRpdW0iOiJwYSIsInNvdXJjZSI6IlBXTmdhbWVzIn0sInV1aWQiOiI5NmU2Nzk1My1hMTFjLTRlYTEtYTVkZS1iNzA0YjEyZTZmYjgifQ==
                                                                                                                                                                                  4⤵
                                                                                                                                                                                  • Executes dropped EXE
                                                                                                                                                                                  • Loads dropped DLL
                                                                                                                                                                                  • Enumerates connected drives
                                                                                                                                                                                  • System Location Discovery: System Language Discovery
                                                                                                                                                                                  • Modifies system certificate store
                                                                                                                                                                                  PID:5724
                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\7zS42FE5426\setup.exe
                                                                                                                                                                                    C:\Users\Admin\AppData\Local\Temp\7zS42FE5426\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=115.0.5322.89 --initial-client-data=0x330,0x334,0x338,0x308,0x33c,0x66ae2d9c,0x66ae2da8,0x66ae2db4
                                                                                                                                                                                    5⤵
                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                    • Loads dropped DLL
                                                                                                                                                                                    • System Location Discovery: System Language Discovery
                                                                                                                                                                                    PID:3900
                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
                                                                                                                                                                                    "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version
                                                                                                                                                                                    5⤵
                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                    • Loads dropped DLL
                                                                                                                                                                                    PID:1900
                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\7zS42FE5426\setup.exe
                                                                                                                                                                                    "C:\Users\Admin\AppData\Local\Temp\7zS42FE5426\setup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --vought_browser=0 --launchopera=1 --showunbox=0 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera GX" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=5724 --package-dir-prefix="C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_20241218194744" --session-guid=9a5831ed-1087-491c-b49a-a5220abc343c --server-tracking-blob=ZTliMWI4YzA4YzQyZmEyMzc5MDczNDViMGY1MjNjY2Y2YWZjYjE4ZDE5Yzk2Y2Q5ZjI5Nzc4YjJjMzM1NWQwMTp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOnsibmFtZSI6Im9wZXJhX2d4In0sInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yP3V0bV9zb3VyY2U9UFdOZ2FtZXMmdXRtX21lZGl1bT1wYSZ1dG1fY2FtcGFpZ249UFdOX1VTX1BCNV8zNTc1JnV0bV9pZD01OTQ3NTE4MDI5ZTc0MDZmOWRhYjQ3ZDIwMTY4OTU3NSZ1dG1fY29udGVudD0zNTc1X0ZpbGVETSIsInN5c3RlbSI6eyJwbGF0Zm9ybSI6eyJhcmNoIjoieDg2XzY0Iiwib3BzeXMiOiJXaW5kb3dzIiwib3BzeXMtdmVyc2lvbiI6IjEwIiwicGFja2FnZSI6IkVYRSJ9fSwidGltZXN0YW1wIjoiMTczNDU1MTI2MS42ODUxIiwidXNlcmFnZW50IjoiTW96aWxsYS80LjAgKGNvbXBhdGlibGU7IE1TSUUgNy4wOyBXaW5kb3dzIE5UIDYuMjsgV09XNjQ7IFRyaWRlbnQvNy4wOyAuTkVUNC4wQzsgLk5FVDQuMEU7IC5ORVQgQ0xSIDIuMC41MDcyNzsgLk5FVCBDTFIgMy4wLjMwNzI5OyAuTkVUIENMUiAzLjUuMzA3MjkpIiwidXRtIjp7ImNhbXBhaWduIjoiUFdOX1VTX1BCNV8zNTc1IiwiY29udGVudCI6IjM1NzVfRmlsZURNIiwiaWQiOiI1OTQ3NTE4MDI5ZTc0MDZmOWRhYjQ3ZDIwMTY4OTU3NSIsIm1lZGl1bSI6InBhIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6Ijk2ZTY3OTUzLWExMWMtNGVhMS1hNWRlLWI3MDRiMTJlNmZiOCJ9 --silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=F805000000000000
                                                                                                                                                                                    5⤵
                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                    • Loads dropped DLL
                                                                                                                                                                                    • Enumerates connected drives
                                                                                                                                                                                    • System Location Discovery: System Language Discovery
                                                                                                                                                                                    PID:2208
                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\7zS42FE5426\setup.exe
                                                                                                                                                                                      C:\Users\Admin\AppData\Local\Temp\7zS42FE5426\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=115.0.5322.89 --initial-client-data=0x320,0x324,0x328,0x2fc,0x32c,0x65d22d9c,0x65d22da8,0x65d22db4
                                                                                                                                                                                      6⤵
                                                                                                                                                                                      • Executes dropped EXE
                                                                                                                                                                                      • Loads dropped DLL
                                                                                                                                                                                      PID:1080
                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202412181947441\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
                                                                                                                                                                                    "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202412181947441\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe"
                                                                                                                                                                                    5⤵
                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                    • System Location Discovery: System Language Discovery
                                                                                                                                                                                    PID:6096
                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202412181947441\assistant\assistant_installer.exe
                                                                                                                                                                                    "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202412181947441\assistant\assistant_installer.exe" --version
                                                                                                                                                                                    5⤵
                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                    • System Location Discovery: System Language Discovery
                                                                                                                                                                                    PID:5728
                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202412181947441\assistant\assistant_installer.exe
                                                                                                                                                                                      "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202412181947441\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x288,0x28c,0x290,0x264,0x294,0x534f48,0x534f58,0x534f64
                                                                                                                                                                                      6⤵
                                                                                                                                                                                      • Executes dropped EXE
                                                                                                                                                                                      • Loads dropped DLL
                                                                                                                                                                                      • System Location Discovery: System Language Discovery
                                                                                                                                                                                      PID:180
                                                                                                                                                                              • C:\Users\Admin\AppData\Local\Temp\PremierOpinion\ContentI3.exe
                                                                                                                                                                                "C:\Users\Admin\AppData\Local\Temp\PremierOpinion\ContentI3.exe" -c:1538 -t:InstallUnion
                                                                                                                                                                                3⤵
                                                                                                                                                                                • Executes dropped EXE
                                                                                                                                                                                • Drops file in Program Files directory
                                                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                                                PID:2760
                                                                                                                                                                                • C:\Program Files (x86)\PremierOpinion\pmropn.exe
                                                                                                                                                                                  C:\Program Files (x86)\PremierOpinion\pmropn.exe -install -uninst:PremierOpinion -t:InstallUnion -bid:H1gC1SzeAzL8XUvM5BPOGG -o:0
                                                                                                                                                                                  4⤵
                                                                                                                                                                                  • Executes dropped EXE
                                                                                                                                                                                  • Drops file in System32 directory
                                                                                                                                                                                  • System Location Discovery: System Language Discovery
                                                                                                                                                                                  • Modifies system certificate store
                                                                                                                                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                  PID:5952
                                                                                                                                                                              • C:\Windows\SysWOW64\NOTEPAD.EXE
                                                                                                                                                                                "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\link.txt
                                                                                                                                                                                3⤵
                                                                                                                                                                                • Loads dropped DLL
                                                                                                                                                                                • Opens file in notepad (likely ransom note)
                                                                                                                                                                                PID:1084
                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
                                                                                                                                                                              2⤵
                                                                                                                                                                                PID:3472
                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
                                                                                                                                                                                2⤵
                                                                                                                                                                                  PID:1916
                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
                                                                                                                                                                                  2⤵
                                                                                                                                                                                    PID:5720
                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6184 /prefetch:1
                                                                                                                                                                                    2⤵
                                                                                                                                                                                      PID:5836
                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
                                                                                                                                                                                      2⤵
                                                                                                                                                                                        PID:4432
                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
                                                                                                                                                                                        2⤵
                                                                                                                                                                                          PID:4396
                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8500 /prefetch:8
                                                                                                                                                                                          2⤵
                                                                                                                                                                                          • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                          PID:2060
                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6852 /prefetch:1
                                                                                                                                                                                          2⤵
                                                                                                                                                                                            PID:2264
                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4580 /prefetch:1
                                                                                                                                                                                            2⤵
                                                                                                                                                                                              PID:2948
                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1
                                                                                                                                                                                              2⤵
                                                                                                                                                                                                PID:2836
                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8168 /prefetch:1
                                                                                                                                                                                                2⤵
                                                                                                                                                                                                  PID:4784
                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2172,17060043533259388789,7722705414321593051,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6852 /prefetch:8
                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                  • Loads dropped DLL
                                                                                                                                                                                                  • Modifies registry class
                                                                                                                                                                                                  PID:5484
                                                                                                                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                1⤵
                                                                                                                                                                                                  PID:1652
                                                                                                                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                  1⤵
                                                                                                                                                                                                    PID:4120
                                                                                                                                                                                                  • C:\Windows\system32\AUDIODG.EXE
                                                                                                                                                                                                    C:\Windows\system32\AUDIODG.EXE 0x4dc 0x4f8
                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                      PID:3752
                                                                                                                                                                                                    • C:\Program Files (x86)\PremierOpinion\pmservice.exe
                                                                                                                                                                                                      "C:\Program Files (x86)\PremierOpinion\pmservice.exe" /service
                                                                                                                                                                                                      1⤵
                                                                                                                                                                                                      • Executes dropped EXE
                                                                                                                                                                                                      • Loads dropped DLL
                                                                                                                                                                                                      • Drops file in Program Files directory
                                                                                                                                                                                                      • System Location Discovery: System Language Discovery
                                                                                                                                                                                                      • Modifies data under HKEY_USERS
                                                                                                                                                                                                      • Modifies system certificate store
                                                                                                                                                                                                      • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                      • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                      PID:4584
                                                                                                                                                                                                      • C:\Windows\system32\rundll32.exe
                                                                                                                                                                                                        C:\Windows\system32\rundll32.exe C:\Windows\system32\pmls64.dll,UpdateProcess 1220
                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                        • Loads dropped DLL
                                                                                                                                                                                                        • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                        PID:6040
                                                                                                                                                                                                      • C:\Windows\SysWOW64\reg.exe
                                                                                                                                                                                                        reg.exe EXPORT "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}" C:\PROGRA~2\PREMIE~1\RData.reg /y
                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                        • Drops file in Program Files directory
                                                                                                                                                                                                        • System Location Discovery: System Language Discovery
                                                                                                                                                                                                        PID:5792
                                                                                                                                                                                                      • \??\c:\program files (x86)\premieropinion\pmropn.exe
                                                                                                                                                                                                        "c:\program files (x86)\premieropinion\pmropn.exe" -boot
                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                        • Executes dropped EXE
                                                                                                                                                                                                        • Loads dropped DLL
                                                                                                                                                                                                        • Drops file in Program Files directory
                                                                                                                                                                                                        • System Location Discovery: System Language Discovery
                                                                                                                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                        • Suspicious use of SendNotifyMessage
                                                                                                                                                                                                        PID:4456
                                                                                                                                                                                                        • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                          CheckNetIsolation.exe LoopbackExempt -s
                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                          • System Location Discovery: System Language Discovery
                                                                                                                                                                                                          PID:2460
                                                                                                                                                                                                        • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                          CheckNetIsolation.exe LoopbackExempt -s
                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                          • System Location Discovery: System Language Discovery
                                                                                                                                                                                                          PID:4460
                                                                                                                                                                                                      • C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                        /C C:\PROGRA~2\PREMIE~1\pmropn32.exe 4456
                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                        • System Location Discovery: System Language Discovery
                                                                                                                                                                                                        PID:5992
                                                                                                                                                                                                        • C:\PROGRA~2\PREMIE~1\pmropn32.exe
                                                                                                                                                                                                          C:\PROGRA~2\PREMIE~1\pmropn32.exe 4456
                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                          • Executes dropped EXE
                                                                                                                                                                                                          • Loads dropped DLL
                                                                                                                                                                                                          • System Location Discovery: System Language Discovery
                                                                                                                                                                                                          • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                          PID:4712
                                                                                                                                                                                                      • C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                        /C C:\PROGRA~2\PREMIE~1\pmropn64.exe 4456
                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                        • System Location Discovery: System Language Discovery
                                                                                                                                                                                                        PID:2128
                                                                                                                                                                                                        • C:\PROGRA~2\PREMIE~1\pmropn64.exe
                                                                                                                                                                                                          C:\PROGRA~2\PREMIE~1\pmropn64.exe 4456
                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                          • Executes dropped EXE
                                                                                                                                                                                                          • Loads dropped DLL
                                                                                                                                                                                                          • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                          PID:6040
                                                                                                                                                                                                      • \??\c:\program files (x86)\premieropinion\pmropn.exe
                                                                                                                                                                                                        "c:\program files (x86)\premieropinion\pmropn.exe" -updateapps
                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                        • Executes dropped EXE
                                                                                                                                                                                                        • System Location Discovery: System Language Discovery
                                                                                                                                                                                                        PID:4392
                                                                                                                                                                                                        • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                          CheckNetIsolation.exe LoopbackExempt -a -n=1527c705-839a-4832-9118-54d4bd6a0c89_cw5n1h2txyewy
                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                            PID:1672
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=c5e2524a-ea46-4f67-841f-6a9465d9d515_cw5n1h2txyewy
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:1920
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=e2a4f912-2574-4a75-9bb0-0d023378592b_cw5n1h2txyewy
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:1992
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=f46d4000-fd22-4db4-ac8e-4e1ddde828fe_cw5n1h2txyewy
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:1692
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.aad.brokerplugin_cw5n1h2txyewy
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:4432
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.accountscontrol_cw5n1h2txyewy
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:4348
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.asynctextservice_8wekyb3d8bbwe
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:3396
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.bioenrollment_cw5n1h2txyewy
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:2688
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.creddialoghost_cw5n1h2txyewy
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:5308
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.ecapp_8wekyb3d8bbwe
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:5568
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.lockapp_cw5n1h2txyewy
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:4484
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.microsoftedge.stable_8wekyb3d8bbwe
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:3136
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.microsoftedge_8wekyb3d8bbwe
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:6008
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.microsoftedgedevtoolsclient_8wekyb3d8bbwe
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:5636
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.vclibs.140.00_8wekyb3d8bbwe
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:5156
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.win32webviewhost_cw5n1h2txyewy
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:1548
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.apprep.chxapp_cw5n1h2txyewy
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:5436
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.assignedaccesslockapp_cw5n1h2txyewy
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                                                                            PID:4528
                                                                                                                                                                                                          • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                            CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.callingshellapp_cw5n1h2txyewy
                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                              PID:3792
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.capturepicker_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:628
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.cloudexperiencehost_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:5468
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.contentdeliverymanager_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:5368
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.narratorquickstart_8wekyb3d8bbwe
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:3596
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.oobenetworkcaptiveportal_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:1640
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.oobenetworkconnectionflow_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:5784
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.parentalcontrols_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:5636
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.peopleexperiencehost_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:1892
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.pinningconfirmationdialog_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:5000
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.search_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:4736
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.secureassessmentbrowser_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:4528
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.shellexperiencehost_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:5252
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.startmenuexperiencehost_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:4284
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.windows.xgpuejectdialog_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:4872
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoft.xboxgamecallableui_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:2844
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoftwindows.client.cbs_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:3592
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=microsoftwindows.undockeddevkit_cw5n1h2txyewy
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              PID:1808
                                                                                                                                                                                                            • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                              CheckNetIsolation.exe LoopbackExempt -a -n=ncsiuwpapp_8wekyb3d8bbwe
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                PID:1256
                                                                                                                                                                                                              • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                                CheckNetIsolation.exe LoopbackExempt -a -n=windows.cbspreview_cw5n1h2txyewy
                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                                                                                PID:4812
                                                                                                                                                                                                              • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                                CheckNetIsolation.exe LoopbackExempt -a -n=windows.printdialog_cw5n1h2txyewy
                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                                                                                PID:1136
                                                                                                                                                                                                              • C:\Windows\SysWOW64\CheckNetIsolation.exe
                                                                                                                                                                                                                CheckNetIsolation.exe LoopbackExempt -a -n=windows_ie_ac_001
                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                                                                                PID:5280
                                                                                                                                                                                                          • C:\Windows\System32\rundll32.exe
                                                                                                                                                                                                            C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                                                                                                                                                            1⤵
                                                                                                                                                                                                              PID:1640
                                                                                                                                                                                                            • C:\Windows\system32\wbem\unsecapp.exe
                                                                                                                                                                                                              C:\Windows\system32\wbem\unsecapp.exe -Embedding
                                                                                                                                                                                                              1⤵
                                                                                                                                                                                                              • Loads dropped DLL
                                                                                                                                                                                                              PID:5304
                                                                                                                                                                                                            • C:\Users\Admin\Downloads\Delta V3.61\Delta V3.61\Delta.exe
                                                                                                                                                                                                              "C:\Users\Admin\Downloads\Delta V3.61\Delta V3.61\Delta.exe"
                                                                                                                                                                                                              1⤵
                                                                                                                                                                                                              • Loads dropped DLL
                                                                                                                                                                                                              • System Location Discovery: System Language Discovery
                                                                                                                                                                                                              • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                              PID:5500
                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/4TfpR6wUUu
                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                • Loads dropped DLL
                                                                                                                                                                                                                PID:3568
                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb316846f8,0x7ffb31684708,0x7ffb31684718
                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                  • Loads dropped DLL
                                                                                                                                                                                                                  PID:1920

                                                                                                                                                                                                            Network

                                                                                                                                                                                                            MITRE ATT&CK Enterprise v15

                                                                                                                                                                                                            Replay Monitor

                                                                                                                                                                                                            Loading Replay Monitor...

                                                                                                                                                                                                            Downloads

                                                                                                                                                                                                            • C:\PROGRA~2\PREMIE~1\snt.dat
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              3.1MB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              76deb7d82dcbd969c8a72be0cef7c55a

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              acf40d9445ea52cb8bc8f86e0eceace118b14cde

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              3c4ccbcb1418328c5b9892fb06f3c7e63c3ac9aff1cd2be0e2cabb897e54b895

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              c0c228e8d5cf86d5c0f629ea2b772b3e1d62c3fedcdd09d9fa73bbd2abb132660c797ef1320d0ae3ef46afa93c872ca16579367305269fc6a809d75cb6b88e48

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Program Files (x86)\PremierOpinion\cacert.pem
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              3KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              77eb3ade4c5b0db67c6e8a26f131073c

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              ad9e8c00174cc2e707f59df671f89a9d7fc2ffc7

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              9f19e7a7139cca8373b516ab1ae49c644aa1c8048e8c7aa5784774a081dcbb87

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              20eb7d34c80bb8d8a415bcdccf8e46cb36396c095ed1468b69c0cb91da915e3a14c7fd55247f68e64ff71cf8d336cc286c3662710ca6281840fdc2f1eb7ac6a1

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Program Files (x86)\PremierOpinion\pmls.dll
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              885KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              50a0c6c01cdc5d2690ccd1f1541f6670

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              c5e017a468efb70eabb1f861784edac62acb0e17

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              f9a853830949bb22d6f4d128d71a0ab923d9b5549c0dc8785c7de7d1a4eabf99

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              028d5a56c581d3751628c7503e83aa52c332678495943c3648049ae0b26a7190e98395ad205cf60896140d1a802c14a346a2d1553e7b53090c3f5beefd66e9b1

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Program Files (x86)\PremierOpinion\pmls64.dll
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              1.1MB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              aa56cb7fd83150c3a75cd6a0de97eb78

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              34415c5c8e57cfe9a7b4a498eacfe1403f3191ec

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              034e066829d28bbc81604250f6df721a35ab1c0898ab82bef6305ffada240765

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              765f12e5e060db934d0f4e8159bb9bd10cdbe797d79488a0dc88215a73e49101e279ca69e10c1775a5e161bb4dd02585724c7c87bbefdcdd047adb4277804fa2

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Program Files (x86)\PremierOpinion\pmph.dll
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              807KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              9d96ccb0d5ab5541b61d5c138d91796f

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              cf3ee3e66c8f9c23e3efd29978215461347e650d

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              379a1f1f02c8cb704f248c2f1ff79c8986f73c350a3bf6d9bbc93aeacd286e36

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              69ca7d96896d872eefa63f0c0bd9613526a914e99c4cf12b5d221315277aa64894d99d0f5ce9c5e0ef640d61c9202cd3d51ddb2ab4c55f8fdf60d24a8c1ff6ac

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Program Files (x86)\PremierOpinion\pmropn.exe
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              6.7MB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              f27f98c1a877f9ca6f06c23bed4014ca

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              25a231319659c30d6f86a5c9cdd1747d7c471542

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              1ed47933c9f33c4860ecc0bf1ba7525212aa00054037a9a51a8d8f5ce3b821bd

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              f054a618d2f8e7a829c26548312b436e21058ee1ff64b40e7c19be2bde037003c21332af3c60e2fd92675af80526ef6faf84b8c1d7a095bb2c4d0b799e66599c

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Program Files (x86)\PremierOpinion\pmropn32.exe
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              245KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              6e4d6b68e9565c4cc7791b00c2094ff9

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              965a00a5a8bb05b35fbaa357951779ea3b71e392

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              65d6f18e1b366aff5343c3f6628041329e7c1375d18ba57076b19bf5f48bc483

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              0cb1396822c7350057cfc7280e1c67ccf1e1a2206347a10025e285f00e9364563685ba5282775960a9329511fd321a631222c87ae7ca8106eca00fb78722b20f

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Program Files (x86)\PremierOpinion\pmropn64.exe
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              304KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              ae5bbcc69b05359d0d5cc72ca6a1262e

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              6843bd883d50216be44065411a983a4bcccdcc91

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              12bfd1007634138b22c56ead24db02a1fe3a4d4b7fe04d30cd07a0ff5d4c8425

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              6417aaeb4ccd86504bc1f83e32c91a60920e98fff833c02fdbef974819a3288cab0c96d6b114ceed4432c305d49120cacbc7e0da69c911f4035aadfbec7a91de

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              64KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              e272a39fad1b73d2390a7120b9c21e81

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              ec64ac4eb35d7669ea309f8c0264bd0ef9d8fac2

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              49861494cdb7af817dd8c801d934c094a3a8bae362ea0320443ca0597deaf558

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              934f6b9d12c7cf8d3b778fe88f7ae98038b5ebe09192ed3c9d76f3fd71a7bbaf3a296391b52044cc285e30e9cef08df1b825aa35fab956f8a13bf41b8b59f17e

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              36KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              b30d3becc8731792523d599d949e63f5

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              19350257e42d7aee17fb3bf139a9d3adb330fad4

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              b1b77e96279ead2b460de3de70e2ea4f5ad1b853598a4e27a5caf3f1a32cc4f3

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              523f54895fb07f62b9a5f72c8b62e83d4d9506bda57b183818615f6eb7286e3b9c5a50409bc5c5164867c3ccdeae88aa395ecca6bc7e36d991552f857510792e

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              56KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              752a1f26b18748311b691c7d8fc20633

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              c1f8e83eebc1cc1e9b88c773338eb09ff82ab862

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              111dac2948e4cecb10b0d2e10d8afaa663d78d643826b592d6414a1fd77cc131

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              a2f5f262faf2c3e9756da94b2c47787ce3a9391b5bd53581578aa9a764449e114836704d6dec4aadc097fed4c818831baa11affa1eb25be2bfad9349bb090fe5

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              471B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              79d5e17c709257fb14f11b4682f7c65f

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              6e489806998b207dfdd5f2207badf1eef08ca4da

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              15fc87f01d6610173445d017990c940eb547f37832b177ba63776b3f931d9e2d

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              8e65a2beb08d45f6ac68bed935207cc812f752f8c2d356f6e236b46a9dc2448c4a3a9c364724209d79dee1a24d9e92bc116938b62e2ba0477e3d694d2965c442

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              400B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              3029564dea0a19613a080bbc260c5ce3

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              2138f97c3dc82c825e98ecaac7ec60bf70ad562a

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              3ffdb984c48f7e0577ff1f98137e1f920be7f7a3eb520d17ad5bcfe97e07c30c

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              96c91ddebe28ab49bac154fa5a3b1e141e3da35d0a086909b2f19942e4350754766aecd72c71e53309fc185986c25be55ebc8e6d1de5eb62cee61845eb2f6e8b

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\D3DSCache\3231ae299a0af0b2\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              f49655f856acb8884cc0ace29216f511

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              215KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              d79b35ccf8e6af6714eb612714349097

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              eb3ccc9ed29830df42f3fd129951cb8b791aaf98

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              192B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              e61db2dd892f28b34a222bf5bcdcc3c8

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              0d646c56fa6a94cc739179ed7265ea977f0142ed

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              4513e6e0845af2caab5489e682bb2aea0919f2125155684a4401a259ecbfed25

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              38ece07f9cfe8ce63e58d686d29b755d23f9f5e9e1d7a363d9a232061ad4d8193191e4ca078e66cab562b92e0c842d62285aefcd560aad17e8db5151716a1718

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              2KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              e538496801195361e77ed73e8e60596d

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              e40685a6b7b6423ddb99b5610f88a20c3c6867e3

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              eba28d88bed039c4dfd6af9490ac55a055e6118db438f535c5ea15d23873c22f

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              dc186e9bf16fab840e908dc034b81c9ce3dbe5ac7e3ccdc87136450170d060db88d21b4d118ba45a4d35a2040b87744db703224847773668abe7088c5f9531f0

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              2B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              d751713988987e9331980363e24189ce

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              97d170e1550eee4afc0af065b78cda302a97674c

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              356B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              3ac131f1cba24abc52e92c98df803d81

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              2440ab126dac8ba430ad7a47093829177e4ac179

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              7c56c72659a7668dd5759584e968113b9a32ee552fa1a151004359291de20a01

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              55f303ff8476b103d80db32a66119dcd5f7d98c862bd55ab353ad6be4cab1c144153c3e8f19ecc475710c21998f56a96ecb7b6f79ee903eb6addb0429c8534f0

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              356B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              0c90a05d7fff198bbdff5878fcd7f78e

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              fc689c91c9e7b9c55de41c82124e55a3e4e94708

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              70854202e9b98b7e57d7adf515c5803fa86c9c63368be407783d3d325116d912

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              0322f1c0d1e6a242f3cd395bef0b528a659b02033a8ad811bac8e0d65d44dbaa7f252dae7df6bd2d138e285a6e2d84f56814237faeda63561ca41892fe904426

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              9KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              838945ae92528b70004f3d1748138071

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              cee5f04a314f7cf92191e0f630bbeffdfe89208e

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              3fa3a7e1c63c33652507291b85e6bbbd427f2cc13176c7eb1488e5f5271a7355

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              bc2a74db57b85d720bf4ae076d4db0352f75c37159416d454f61a58b53effcd77ea5b04b20b744101f17de64192dbde73701a354c29c7758709d6114cd077756

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              9KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              053d50960c474a53343c2e3223c15129

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              73f800acf26ec3292d30c4bd9ab0d17ff9b14e7d

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              7106f48291a17d17b16397bd4375df2c3a09c22933f8acc9fe9620541824374c

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              9bc7603261a2822e05763df3e5ad8675d6c5bfd44fddb44a0a13014029b60387edc1021ceb1684868fcb384a7c10524708397bc43ef5e09644f05b063bdeaed6

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              15KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              cac44bfbd2efc775fd3a2295b05906e4

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              c5eca0e7734e600f0cfa840271ce02438b56029a

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              d4ce80deb0243b9a6d238d18dcda613013a564b9a33e35e51e474067d0fa74e0

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              2e83b3ed15a2ce06688e5611af612077fbbc28552c6ad03e3a7926cf31f48eacadb62db5732ffa7d664874c6f770948407c1f68bc92037061ceb0fb05c48cc11

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\d50bcca1-b294-4569-93e5-12a81a11b1d8.tmp
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              649B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              fa96dcafb86b6fcb6f9d81a088b540ba

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              d0532210f9406726eee3751232ff8deebbe92cff

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              abb6293a08c79d1a064fdea7053d16ea3549419c43551b9a7c0115b2cdfe8ee9

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              c5e0f6f5763463076a3687ee9f56c7cde15014b08a2240ed1f5b53d34a1a0a7bcfced931ddec5a199f88323fcf1dde19261d7ab6e485878ae72b53e84c155d71

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              231KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              5e01df5ea14fcde32470047df45b3842

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              8d945119584c0743980e74a01beb485f38cf7441

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              864ee89aa51a18484013e97e01fedec154167e8d738061231116c10f6b824db3

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              e46b03a5da7b1fccc499a258998c4f9dda4e967969aedd1a175f91903674a9be8e0c87218afdab9c238afeab0deac976853e689ea93672cf92653bacba754023

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              231KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              389c6704db16eb574e9e7b97953a6b26

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              de6aeb2d200c2c5c976724ed5d5a62ad3e6afc1d

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              cf2c5783c1db6e9ea094f2392611c2e63e70a3a6eb7405a597970284b2b72dd0

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              dadcf78adf056d71564fd65ad5ab9fc714e1995efa421ce46c3682ad37841b9e864947517cc2114aeca0847faad1230a7420e440d4fdf9c447f21eba206c7e4e

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              264KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              f50f89a0a91564d0b8a211f8921aa7de

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              112403a17dd69d5b9018b8cede023cb3b54eab7d

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              152B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              a0486d6f8406d852dd805b66ff467692

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              77ba1f63142e86b21c951b808f4bc5d8ed89b571

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              c0745fd195f3a51b27e4d35a626378a62935dccebefb94db404166befd68b2be

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              065a62032eb799fade5fe75f390e7ab3c9442d74cb8b520d846662d144433f39b9186b3ef3db3480cd1d1d655d8f0630855ed5d6e85cf157a40c38a19375ed8a

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              152B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              dc058ebc0f8181946a312f0be99ed79c

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              0c6f376ed8f2d4c275336048c7c9ef9edf18bff0

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              378701e87dcff90aa092702bc299859d6ae8f7e313f773bf594f81df6f40bf6a

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              36e0de64a554762b28045baebf9f71930c59d608f8d05c5faf8906d62eaf83f6d856ef1d1b38110e512fbb1a85d3e2310be11a7f679c6b5b3c62313cc7af52aa

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              20KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              077e3f0d3dddb018c1e71fd8e46d2244

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              b50954ed5904b533372fe39b032e6a136ca75a7d

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              12ea854aa2a6588219451d4af53fcd368e24b109085062deec4e5b891e059e82

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              f9cb475d16d3e8dedc6ef2feaee4f9bad365a8bb992352163a0a9f4ff9e809bf895fc0ffd59375e60a44e5c5bd1f43217177fb44ffc0cc76cc85e45a612b9b3a

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              20KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              0efcdae8412f64713244acb713cf7412

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              b33e187d7323f15050885e512ca9eec3afb1c33c

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              18a3bf2c3d887e6c3e3b534ab36354d59933cecc05302093c22768e9bd7a02e7

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              ac3f28737f4cf8d9b392f50633e5e76b9d60f42033ec9235956ec63f30c75cf85f2e1766793651c2310c55a6295ed08b1c75cd63b38b83974be4e6eae5a85217

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              30KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              59a788e3c1796eadc86c68fe59cfbee0

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              3e832fc928e20af7cbb4070046deacd5f704dd8e

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              3731e1b8bc2c409c745d20666e3ed1c7a039ff7313cbd16db9e5d6e8816ad1b8

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              c5a40752837cd7521f822936953cc9743528c35b033f023a69faedeb163cc9487a7b2b42bdf67c26a1ad6496f4900201a539c3fb4e7749d4b0ed9181e43282ec

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              62KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              d4e42b59d388425d5fc2dffbd7f3d3b3

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              9221c53a571b0b970b09ff4ff9255367cf0ea3ab

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              a9c3b65da4ad8905dd851748964d21c1ed5354a2a033cb975a011fce08124db4

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              ab9795c89683567762d6516a48f6d5d9ed4f047128bf9635f9fd2d192e0259a17818234ee09d37d26b8822fc47e9765580a5faf92f78b4d48b5223b27eb31b3c

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              107KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              4c287bd12167c1fcff2f2ad60c17a130

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              d563295faa6fda2dbdc1fe4bb260f5d12a0595f8

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              2253cb77b9b75e88ec87e25c359f185e88ca055dcfd0738b02c17accf2cc8250

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              557b77925c54c9ac05b94aeaa1c9628eb2fe3737a0d5375790cdbf221cac74cd2d1f0b174ba9c21ac66584f4c9401545b518a10bbfe8a91d8a69f5cab6ef8921

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              107KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              e6ce2f36f5481c6ce7f140da15b01c02

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              751968930b89e646ecb1784eb1bd3687b63d3a17

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              07b209f54c9d1bcbc93f2722ca01fa306f5a38777d1006ee904c659b0dbc215a

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              3d0b53e96a9f5a16f4a95dd25de25f0fed2a286b25d2aa20b85efd6c732a725d2c86386f163de12f0c4dfff47b9575e003767065a13df65b1cf099cff4882457

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              95KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              a5a8a58046cccdb6ee1a15a6ec873511

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              4753d9fe5162d5dea8169ee7e24fb34c226e4a8f

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              fc0d183f1b059385e6f754e49b78452249eb26bf8604bd631f2b75ca47b84970

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              a3ec5117546e8c5ca3680999ff7ffca76bdafa797004e31ffc82c89532fd16bb8181486945fe7415812c451f4e14471893da6606621778dd85426822419c4a4f

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              20KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              be42578da113be82ef161157874207cb

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              9dbb8f4bf675ed14844ec80f509572b489ceddf1

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              b1356e6883c723ee65a82b2e0d29e2f5a067846a33ac984d8bc7cb063915e868

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              0542a3cf9cf3cb3341743dce4ad96def53ad7a8a455f4a3d582bc96df05d7077efdea8af4b67c94f6169b60c60bb513431acf21961cc43adeceddfd182d7b73e

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              28KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              795d42f0aa6d6e52fae8798b271074fc

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              cd61db2241226c9ac34e3ced08a704500116dc74

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              68b3376b08333e0b5125cbb757f3799c4f18be08b68795f531011cbeaef99aa1

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              1b64a7ccca442d428e0c9680deeb2b6917f93098fb03b52d1709aced12e72c7d40e4a0b6a8ca7c63fa10afa076c2f75490f08ff9dd53c07d90b013237b373e93

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              45KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              5f339ff8127ea962b8aa3a95709b6ad1

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              340631518650a5f3beef366ee93ea20ceb5da39e

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              b3ff14cf44c5c690b256a05bd28f7f5b193f1b03ae6a6d512dc267ebaa505260

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              65e21ff5cb91fc5221bab0f952d6be06726ed9fc98d5d560b2d1e1bf2d25c3de44b1509a1962e925ab543dbb2d42eeaa7e572f9501d8e35d980e769f30b4d3bb

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              20KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              efb9f6a1680c9d3ce3abe4d5a75c7c6c

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              a454374b7f43f129d4245e73c2048849a78768c9

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              96919908509422207d3fe3dbdf26a7bf0da651dae2b8481c4dce4ef0812add18

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              1d6fa00634b899162a4e97adf05cdb97ca1eeaec3f43bdef4412ccbe4ae560ee19073817aab38508b724f177e7942b07982acbf918750fad0385d3b5db3d124a

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              41KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              ca9e4686e278b752e1dec522d6830b1f

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              1129a37b84ee4708492f51323c90804bb0dfed64

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              b36086821f07e11041fc44b05d2cafe3fb756633e72b07da453c28bd4735ed26

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              600e5d6e1df68423976b1dcfa99e56cb8b8f5cd008d52482fefb086546256a9822025d75f5b286996b19ee1c7cd254f476abf4de0cf8c6205d9f7d5e49b80671

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000052
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              67KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              bcfda9afc202574572f0247968812014

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              80f8af2d5d2f978a3969a56256aace20e893fb3f

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              7c970cd163690addf4a69faf5aea65e7f083ca549f75a66d04a73cb793a00f91

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              508ca6011abb2ec4345c3b80bd89979151fee0a0de851f69b7aa06e69c89f6d8c3b6144f2f4715112c896c5b8a3e3e9cd49b05c9b507602d7f0d6b10061b17bd

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000063
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              18KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              8eff0b8045fd1959e117f85654ae7770

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              227fee13ceb7c410b5c0bb8000258b6643cb6255

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\072bafc7f3261b74_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              66KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              1646f013de253485326e1b52b85037e9

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              ea060c3157857bda015ceb496236b10e512b4bef

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              7847597c44ca672d19ba65ba772378d7be60f23755744d613f2ff99951b1ff77

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              c649ff8b48b6aafc1e89b7711e65caad88dea70b8e7d4b1842e49a9c18424b7233e1357453490540c06e51d3b1c53257456265ba00d01e1d9a44c5d90d1ccc4f

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1507bc01e431dca8_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              267B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              87f9a4b2ebce01cf8f2b19e30865bcf0

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              c7d5c685fa5f8cea51966888ec433ea18cbe99c4

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              f4d15c14e8dd7ac294742ff687770a3f6cc6d1ca4db1e6121e0b8cb730b42182

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              b3038c90f9a458f1ab9f22191fc4e2ffd106b6dd32705d47d81fc5679b93d0a5d837736ea9275ee8accc9bd305dabbb71230dfe4895f2f3ecf737245c1dfb625

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\17789dcfa107eea0_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              31KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              ab4a14e131d744b93cabd9d5bc53d426

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              b7f7b456f65d70dbb9b75aed837406f7a4b41f6f

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              0d063c4ca5d0a051ef15eee312f8d4a741ed0d131b1890e11b302ea9e580279c

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              dc6107a554a553775f1cca500a8f5359decb663d6e76ec829194fa20bf4f0e4663d266945f3894541ee7de637d86f37b874f487fef199492d14cec4a7d652d58

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1a4716f34a6c4be3_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              10KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              4c0da0e9ca3da7230bb0fcbb6c50ccb8

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              677e27cbd2a25919e6c38a8bf59cb17102d172af

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              35d265e06dca01840d01f4045c38badd49c0b8a8382d3e46d7e2c0bce8afee37

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              a83483a1a7e448a53b8c8efe5eab710b6fd7d4740d93471c2b4e8a1ef61b55e319764cbf9b6941a50a71a6f479e1d5837e055fed2524ab493f9b61105c7acf03

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\213e86c1da315ddc_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              32KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              c99284440a49c96bf8e7bd043aa70e75

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              e59e21befe8fcc2ea644d2b8ea1b2b9034149024

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              39b7c9ec869aa1615a279bdf55219e90597f1816d4bc223fe46f2dff5989423f

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              53b6d414eb986341c82f426c490706f0785303752c59cca85b6fb3f5aa348f369578c89dd49eace54f833fde7d7d60e3d6fd4a66163637118019a7907c891e24

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\336a68eaaf209f48_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              309B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              5a64dfe1f804a24c1f93ac68180e98db

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              a83a7ab28740354e0613a91cf695bc0679ca1309

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              77472511077799d72d335cea555234ee5f0ceb584e919ef9bce7b6bad1016aac

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              f6e1572f66d362f7d840698a564143f1d3d6b4b6c6d4e4f6283cd54c1042a7e92754349249e53e6a24dc6fe890e732343fe3a2a6c0cd778f1d00e2375e393c67

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4a39413adbf58c2b_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              5KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              c021df88aff34721cca6288bbdb39c79

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              8edb6f6962f10f367aef74b467bc00a1f013aeb3

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              05d590c1513d6d059085630c124c2e3284ead75f60ed948259aeceb7855af70b

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              ae7f4d7f56771157f5b16393ad237dee5cba23516bbcc30a6070aaa47cfdf9a37342d119a354796f4ead33158bac88c08f4436f9c7e23a5998480f29bc45260e

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4c307b02b4dcc58c_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              25KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              ed22b4ca45cd541796d5b0ca5a2a9a5c

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              91893113468b14e9e978ad705dd400640618e595

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              a65e27024449efcda80760b517518731d3137976507c2e2cd5fd234e80cc0f48

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              ddbb7d3957fe620822e87c74fc9379b2f934aafd96f8e679839190b73f7c88bd703cf250c149ba4615814c802a4a011cdcd0602db7e16b32ce3ba814d52ccf00

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\522ad26e04b5f6b3_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              290KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              6f6c70a1acd4a384ecf0ee05cf1d5754

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              d3d7b4b2c375c21c00602f1a5bc13a0be8b27bb8

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              7429533009dd005504887e58dd35d0f19f6eadeaf49ec975c5e226eff3a59751

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              c5c085ac1edcf36b6b418e2b03d1a7b634fc16735c676973d0914d663a6803660aedc8c5feb932a274e10b6e18fb7be55c9701579d10e84fa519033c46119369

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\52b474d8ce30a69c_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              311B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              e618932c2ff60caa2121a5d41f72ff02

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              90f39461bc1b429655f67d288823635b25c218d8

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              4e6da329a287bb33cd0a9429665fd870e3d30e0cf79f68600ed7269a978f48c7

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              03f2c6e4b9f856e87e7b4a6bc39378e600afda6534c752e384dada3e773f3e4224cc5728cda72cebf64054f381da00f208e49f3e22045d2fd6c33a29b56817f1

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\58c43c5235c211e1_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              87KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              2481ad730f0b75c98265b6f7a0f85230

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              e41c62852d9cc0fbb3a0733aa79adad672a9ab51

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              970721a717b6c8fd6989d583aca64e8cba2e6b9d11bec82a2709cd0c5fe6acb2

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              fdacfd49e4666a383601f210280b4e794c19a1b2d7b17706ec1add6b14ad9121e8b55a54804b4023cbec239a7cc4c9007ef516d76651bacec86cdef49c0da332

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\64636349b5143a9a_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              1KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              b46230e7d88f9e10b81280910db41c02

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              4214d1b9dcf19a3eb08ef61152306cbe94b86325

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              be102a25140d8f16c09de935d531d60e348b4ca59418b10cd24c6dee4b974e88

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              203d570ce3ff96249da25f36972171b19e387673332ccf5ab7802c575250a71ad8548f6d5465a282e1dd8ef8c718217baeee0823971f2aa8815dec41c6ebe928

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6e14453d219dc1f4_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              11KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              c0bd59c7b44279b09559dd156ed1bc70

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              940e3a036262dc9d4c5b5ceb0c2a90bb967c66c1

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              3a2ed1a6c7c966c20a84e9a1189e05b0518f65a94cf13773a619dfabb3b4b7ad

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              820b0a16c8bb85819168d6750450fa14407b93d0d98bb680a15c8bdad7899f7dab9aa864c93be6e3a743a098110bcbaab802039fea70354435b626f3801b1982

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\73a5f304f45481da_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              55KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              8fa6aef9fc69b66ba4465f50bb2bd18f

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              6e9ea2ca891504b913a434e4f1f3bcbca66ada34

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              04e644f36b66ca8eafac5e91e2bdcdeaf6c7329cd6b7bbb4493b8be003c1ca35

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              333a459e4276e2938a6d8cdd91974003403a5a172a36532e989513c4628e7d9aa0b68f0b1fa65beb9be5c534e87aeaa7324a29d9887f892ba6554f35af9ad3bb

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\81b94b5b6e2149af_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              388KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              8ef1100b9d22ecbb3a76112351fd4aa4

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              afc3f3a27a0ec415d2f334f6ce6e2edc869249f1

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              cdb603c025aabff1ae0b54bed9a116965e8b978e6431bbef068560cbf7bad7e4

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              f2b3724296cef650435e10ada9096bac1384399de50f27a07b94f5f84bc195795a2a995e1f4811a67edf3ca4989e5f98867dd4424b5f2de18ea9ff35da15a1d5

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a863e12765685c6b_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              322B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              99f9ca403316e61b2558c9b7a554639d

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              848b8a2ac5f0bf0bf3a9867e953f271dc4f900fe

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              b213462ff1ed18e53b58a6f17685aedef57e0952d951ce08840aaf1c23eadf8e

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              d0984ff8ec2baaced2208f791af7319d8336318b247efdf3e52f3302e4f5b0a9533212240bd0b873cac1a59f85397500e9ce60b70dbb39e0fb5c8b629c4429b7

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ab4e731a7d2a38d0_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              268B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              67ddf40ca26656aff1b218012d713d79

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              7a4ca9482bf292ae6843619f8f2d2107ef15984c

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              c8c2ee533c1a4462a0351ae3a622a84d706fad19bc78e6596b0fc67e1ed6cba5

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              8bb1e2aa9c553c71f75994d044f47cbd950459c656bd1d8dfec8b0fd7200b0250d4322a9f95921ee963b356699640e19b2fba59913d1b6bbe26748118d9f42af

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b93191cfa3bc3e85_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              16KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              57fbb09808bac2eb4a4d32816c353adf

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              799125afa1c0428fdd135fb89cedef5e711bc520

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              1cc682aea950b6868057c512b8c86884e31ee41190483c45179db20b11097bd7

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              ae03645922e3631390081ec09ab486b6523932f4367b280b8371983f47663f1ea8368bdd1d5e1f993581170df2339d7be04ff3ccbaa48ed4b019ec76fd621a59

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\be53f07dc4bcea36_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              19KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              e9d88c3f2b77fe8b95c6ca9ad8191d55

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              e63bde41b9eb2a7673075da12e6cdb5f3e7bf815

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              1d61735a480cb3bc7ac370eb440df447485e40504e70e1081987ee369e4b6aff

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              fa6a09319787009461cd003d16fab4fbb721544e3c6498f6d00aea658544c8f453bdc3eead044e7f94c2519ac2583f587a3a9e404f885b37d0c8c788652b8899

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bfe8fd34e8ea4674_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              20KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              2704d0ab40923d6507ef3062328868f3

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              4f3e1e83537cf7a354a56e697bdc8a1a020e966d

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              c3cd5c1942647d97a1659451ee3b32288fabaedf8b913b08b24a3fa0bcf60933

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              b3d4615dba7dead0a25aa710e0a8e9afcd7e824894dd1a1943fde6580e0b16d6f7150accf86f4c9d67dfc2403a628aa8abd344861209716f097e94586067f50a

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c9d1f6d6df85a34f_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              8KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              69bc69850acb6ac1b381618abb1fced3

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              4965d67cb7c93bb3c6eb6ff528afa6bf69fac87f

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              91830f33efe5b952fa5454111849dbb0a7428fcb4d3858ed7570529b2c4c2133

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              2dcd06d1097d2216750e0bacab36c1b1a0b144caafa887962a75631d1fa0abc94e6e4aa00562dea76ffedd46a58dc1bad7428d0ba5ed13435e8f38c9bad9e78f

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eeb4a9f2900da8d3_0
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              325KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              baa377394e5afb0f6c63cdb14d80ced3

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              8d6f4f06a28cfb1d1ec8176f737b70baea5e5721

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              df060884fc019bdaffd186f52d7dc0ba6260811c54bce2a3bd3151d365999949

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              962c96aef05ed1975c75f6606be336b3bbb28d1a1dd6fd2bf63d592610c72f2ce30290c0a5168e7e053876f5810cda4c5cdb50885c43907a5ac5ed73399ffa5d

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              30b1d3586c2b1e5aa25a6cfa3434a5df

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              37e8cd97f34eb7f831e216a8161a1782b5d88d96

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              c08e01cc850d0ddcf7d01c41a796444e982d208c6fcafc72f58adc4902dc20f9

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              6d60795690b295bec742be7e8bb36130407b7a693c99ce017dfe7b22e097377ddbe50eb631fd6d6d51f5d7409efae5bfc1307d052348639f11d9d370e46f5568

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              11a62b2214c8ae1e2bc214e2cbb8ba90

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              f604614dd73a9f5a23718acffaef0f20e1c60ca2

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              854bb8fc1b4e2721943f5f9adeaa4cc7ed31588176c2ff5459126b269a8fde73

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              3ccc1a4be196a2c293328ae0e9a53f68145c832b42e21e12a68c508c91a1621b130f8786929052971d44fec5fb2fa85a575a8b8c26765a30c08e21c91aa3bb1e

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              5KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              26aabd1ab6590e43c87196b1a78f091e

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              a6f36cae5f6fbe2e208187f5e9e6010edfea9b0b

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              ebcab4e1ae0c4f6291610cf629326c317b604da3d71a4af32bf427e9c1737959

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              88a27d077dfbcaf473478ddcf53866de4f095734a16cc035788865bc11fe8b1d5a17b746fc3f306b0ea91bab0d8a8cd0ad3bc25372711e70417090504a8c0aad

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              5KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              b7afae8310618abcd10839654aeead13

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              ac6c193bb1b6c6bcd4dc551ec9ce146a2265f6b6

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              72e18b3e13df0a9bf27164a50270ad51ccfa71f9000cfa78e897378a0098211c

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              fbb3abd1dcc12e8f32614211ac7409190bed0253cee3b060e28b5eca6ef573ccd8114b440a09100389c8b992288ef7fd4d2f5d2e873f9b06fdd08941bfeb6a41

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              17KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              6ec462236d0a9feb92370fa5cbd12910

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              c45616cd466c826570f42e234611364b6223999f

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              22b57e6e26e5cf7ed84f7ac9e54fd73041bfcd0131146dc3ab8def6918131e4d

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              6eb7492295aa53a26d365d1bbfecdeba51832ed2d7be45e770a0460239368dea11de639d79f51e678ccceb0cc40984ec1a04cd034ad1069a5d7974c8fda39c4c

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              111B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              285252a2f6327d41eab203dc2f402c67

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              16KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              18598cade695d59df0c4484d64bdba8c

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              b7faeb27c6f22f5fb28080ab143bbe46c1a9fb7a

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              2039e54fed6061e872e2396d6f5e836f4c55465ac696c61e34d5bd90ad8f7a0f

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              9ce1c6267eb152c28ed2d14fb606567c89fbc058b7403721e90944913d0ecae710bfd24f69313bc38648cc263a76a5c45b463ddb5f82e2c41f3c9aa5b3798db0

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              5KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              c041f569ee6170e828bad930a91712f3

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              a64ab44535bdfac588a380c9d1fec3e66ce66d87

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              aba906c266eede11ba40884d85f593cd78b12c494a55f39cee434836bb2515d4

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              39cf9210e2e8a9bfc7e32db19ae340686608dfe48e9c33943c4ccbef9608cd9abf04ab47c337b3b7dd9b5e2824cc6d34ba11c9d3dd15746e620d780550686115

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              8KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              e46e86938f293cc5494afbf746839cdf

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              2622e0c0c0765963f4a9629b28a3549ece8e3780

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              826aa5407d998c68b1843986ef050cfc1d4a5b845d34bbb6365b14aa78db771e

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              7b240eae745837f2f0fbb2c31d1f681b9b31b03027a77956ecbba4ca620304528a23de564d2fe2d8470718a56bef02d20bd068677a1c11466470e083d13aa430

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              5KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              67a42e7b96e71cdca65ce67383926b9a

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              25a169e177cbce5e335d39490c395cf4315597f9

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              519083b54eeb36428ee3e84bd15e503dc8adf10f9d29c402c5f89cacab2b8c13

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              7d044926aa1ac35c9943c8fd325dd3d4adadbf9356e2ddd20504989749f087acb5140725a286e25528f1a8feb8b0286f62ab35e48c9d272688e7e6655f3294f0

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              7KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              a7639b1c3a3a000fe598dc147ea80920

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              36d667f7421ebc446c78809a9ff417bc28774f66

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              81413cf118561c2944d0ee45b9b2e0e7a012152e30ce02701d5389431731c310

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              66c85840f31aa09c037d4fac174b93cead5a52652eb9cd508f62c32940240a566111c1d6662911dc8bf4cce49730f05835da27e902c02aaa672257a8bd31811a

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              8KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              05998de9052c33e422fc3fb87b6358df

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              bef3cbd228804596c543708ef2ad645be7f1fb4b

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              bb0b735ae0604252b157efc062323f1343edecf7f592f867ed6f9593c49c6971

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              e51adbf00703f28718264066c353e0761f082eb0a4e1b8aaff411e355a12cff2d14ef1b830d254477ed87ef3a2b33f0d53589caf7919b4b3716914e8f4e3b005

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              19KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              2f88a35c75006db443973d24586ea158

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              4ade5c8cd8f715271e3c3d2f560e338f9dd072a3

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              3644172788d73d946d6bf0bdc420a2011a890e1566fb803f62e69ade0b28347d

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              e5872f361b964f3a2851b48540d4aeabe4122d1e66de762f784e987332819cfd714383c30cb2edbc69bfdf13bdbad3e925877e234f9d06d9d18ee9db03a2bb31

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              9KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              b131fc5796ad96e66ec535b4becd1935

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              168b05f1c88f62f5f6328d22c179b8aa6538c68f

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              dfc808e8e3ac6d9c379f00c8991812ad781181ce1950eac7e4fd158e7b48847d

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              a20902061fdb4aec586b6e26caa8ffec53ae3a1a741e98e4eba646c8972df604c9ffd51cb419a37d7ff20ce81d6542fc09ae96d1dbe778a9b7e2bbc5b7cc4de6

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              8KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              5d399866a204b110b9fc9c4ab3edaf79

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              dd4f68ad12292e80f47d2c0904f81ee7b7742779

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              ab303efa28f73b2faa1c5ccba95027f0260a04e4d6673222a6e5103745f0784d

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              06faa95b2fe6b06fdb3fb758aeb5104efba390510d7b5f6f04c2b3fa9667462a34d07209dcb27db05fee06736eaa32facc4d2ef7ec8f4a328be3c9dc6b04f2df

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              18KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              a6ad379e0f9e7ee4df9f0797d2f98493

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              766c66a925db421e4a34a8a99a8a854148a7f224

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              4bfa4fc4511f77d112fc46434fdda4ab443f52aed6cd459bd0a08f027185a270

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              ebfd541ee908d82478147a03bc812a2ea2bdc53ef3d55d5e9538a6b0dfb1ebb8bd556a9ca4209a07368857ee26d49afcb31350972ccfefb823b4a7e19a3424d7

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              18KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              962aaaa2b9589af97cb7a58d0d1f6874

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              b44bd95725880782af16145a113c8f6c1fb881ed

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              eb800867c36f91cdf0c1bdd14f70a3365493e0e625bc357f1b45c4506b333691

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              ff05f63b0271b82940bd7d40ac814efcb88839d4f503919ff2bce1b376ea89830b6c1fe2eb3d986055c848e4f3ebdc77fe9f7ce52f0b40f06b346989cec9939e

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              18KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              09326cb1d7354a8b18b76003b8095294

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              6e1efe8dc191875873bf7af32b59f17b8233ca17

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              8a46f48cc034b6aa31ce5520b6273f98c47d61e54899c0d2ca7b8cbc784deea3

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              c0d056c8ca43ce444bcef2e33b577dcda0def8de0aafc75f873a81ff8d87967cddd420b3f5850eac548e0407cf490773ebf1c5bdbe554611817dce7b0afa607d

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              9KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              2f9399b8fccb59ce09be309843d1c22d

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              80397cd2005596cf9e70893878054757beb794e7

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              5c9bc1fee7e153a5aa77f9111f7ed766133c524d4961788b10f1a1eee05f604a

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              8c67f5d58ee2ba04e2ce19ca519b381c3c88abe54ee6b92174159ef5c180a71eeb9446f330fa5e54140e731e1c27811614adf7ba3b35dd17b9ccc585d25c4c67

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              16KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              3aeb5de45bdd41ab15087aaf03f888e3

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              0e39c458e7753319e7d4b59a69a92b432dbb73f3

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              b2cf843de07d64ab8b9fedd386d3fc089421812ca221c6b0bc3135c061363a2b

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              aa6f04817a5daff921a32046dd1e087855a25822c1da32959df39fec400969fe2b6b8f1c0634efbced1b4bf5256645d2550c6bac2308134626ae29b52cf1864f

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              20KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              3d64f6a1a005a950e253ba21fc2b80cc

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              0a0f3fb6987406202f3665a5d4f37d3904220b71

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              9c80e9e9cfddb8275e7c64eb90eed628ae67aef4fd3242f59e01495a1b62b157

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              6bd7cd4b252fc0ab37212bda31734fee77569c3d79b921ccb4f6ddc8bd57e3445e0cc8cb816cd7129616d85c45580346214d721fbac77d4f5f656ccd41158a56

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              19KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              fee39e5b2743f84871ee62a9cc2ffa1f

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              a1e08ef9174534d3e8c1e26996c195737837b160

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              3e94b89be692f283e45a566d37dd77410a50c2dec29984713cec8866989675f5

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              9f3392eb854b38437563b205ce156b55846431abc97019128212338468e6503a058a84ae1325110b84af10aad5eb56e35cc572af5f4c02de4d28a90d8a04df5b

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              9KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              9da567c4607eb6c48c0f9d8e862b2f54

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              09a820bf671c52d4b76f4805ac9045da229e2cd6

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              27498d1e35501c4c08a790de3898c6157f5570e2c69ce679585ffbd386e00196

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              dee6c3d11aaf2a45ce42a71f73638beac1a2fa63c72e2a07d886a3b2b6eec94cdd4a6227d2735c862ff228a154d1b1af53ca9110b3155b86277c88e3642c7143

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              6KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              f65ba9eaece25b01c21441be37c522cb

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              5efc30fe657633d6275aa6c5c6a0a6563b392d50

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              b5972db1c76bda413a42698c5128f0c863faa0da01ab0ea6335d2c9d16b3e3c4

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              f7c8c17505a09bacef97bc29f9b3df26a77aa363202fe2e54883875b840531c045216e4ebbe486c968ace8b91e83a57d8854f0f13c9c55985d570beb3a40e222

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              72B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              7c345e3699587b55dc61b2e9cfddebf2

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              9c3c6a7da749283de9d5c8db5ea08ccf0ce41ecd

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              c182444146b8267ec260508baedcce2db9e9e71c6b2877d6869b9a5d7b4ef583

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              e731d7480c4f88cff4bdf42fb5c2b835acd3194eb01a03b9dbb731163aeaea8cb99f185d3bf9d0cdcd9137ae7dff371c84e451ad5ef8cbe8a4c3e697ba52389c

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe644528.TMP
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              48B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              dba29508c76fc4e82afd08ddfd8afb8b

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              ab65faf13d4cf2d63046c781fedbcaa81d0e5917

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              40bdec4b6b66611d958758f29d434ec4dffa7e4516c0f8c51af98337c2bb815b

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              ee8ac7a34105ac7d2dad14afd140543da8a9d37328733d859495c1e82690f021853ebc1ca9689d097f14a455692750d895303f7cca4476079b808505d747f8d8

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              1KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              012c8226c6313e69f51fca5c2fcb0b76

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              cd2c124bace6474eb81a7ebd56ffa4c8bc421e53

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              c732e8c7f0381f8579e66c9fde322684e37125df7551eaddaeea155f5ab5a6a4

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              ebfe16b8dc6fdfe9ba8bd3b91ec0debd211ab6a50693dde676f85a93b999029093377612e9688843ead90fd2f3cfb86b5f5d19860ec016a2ff0d2cbd69f5c24c

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              0ce287aa85fe4c21ca02e599ee999a4d

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              5e62e63866c1ea0b6246303234d1a28135c88acd

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              34a471eaec243ee6e744a2778a4d6396846bda6df098dee011cd3a4537cd9163

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              3389389d8540faceb8f3e47b063b3d2082afb051df04d6cb16e113e440e89228e8527e2a36076e026451494e90291df3950f390c20c4c8da0cebe939072be73d

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              873B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              1427c66827fc1b45bf6a675dcbf38263

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              4555b8e71ff73fb3a7b179a1cdfb1fcf9f1ec01a

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              8e3e2c51d2ac0d636d81eab07b532284548466a829b0522ff11db27fad8c6f9c

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              75a06ceda2a306c899f226b01a1eaab7103447fbfa97a40ae660bd201c7a089da41495198772ffdcc1779421de302565ad14903ebf1379d11b1f202a42d1ca52

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              1KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              5f63541b8e7d917556af3d6c50695b32

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              6c69904999a5644b7b16d5e4652bd58f71d54bd2

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              0f35ab49654fa7b6d78d43546e67936c05f2a191d2be4fd036735757d567508c

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              6c3524412d004ccbe477eed14662092e788330e00b5475a7e668e8696f8c19faa1ec20816d8358228bf924510fa36fbe4a8f8dbe56b12ee82670a223bde8df4f

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              1KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              3047bb8597ea139394c63809070c3dcb

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              abce07f50c5da7863b6e038dc994c1f960045884

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              93fc7742aa0f5e94e763660e3cf6b072877fd9ddebb7690dc447920a9b928ce3

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              4a86d744866d842d9acd80c2a70f864a3f38ae1d18180e334244d00b4764a7a8739378795f01cdd0904c609dc2478a48882bab149fa08cf1e7ae019da7ce9270

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              3KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              6449a541582a70e4d64b733e341ce585

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              52dce142a129c241703fb38b380555805565ae8d

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              ddae24bc5e0f0b5be91f78bb6e9daf5da8ec7571cab919917ff4b97666395719

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              ceb2d744f363c36781401f43844ec1266d352b48a67191723f7ffc5e657043d15c83ff5c47af99d551becea269d341cde0af617bf122b8e72a649d5095257d3e

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              6KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              60ff681dfde64c3fb1c0c03100056ce2

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              acfbfa4fa4becdab20d8944677fca6ef845683b4

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              510248aa66e75d1bea1f01adde20cd56b3bec9ee5a49af51376684e101429034

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              67a2180c5274b72f95087027e89450803628432b682277337515d79a9563c8f72777d6bcb6fd9112bcd5d3128cd0cf8ad3983dfe7ccae0380844c247c925e319

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              5KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              4d16b17f07014750a776e89ddc8ab3f4

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              cfd87c1bc31fb2b51231dc8e78ec50cd350ea9bd

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              5c597169e228b8354df5c37b8c5f66e45252e1552a4c0f0b19420e936f2a5f10

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              b9f811c35dd8a6585e8999f4a9f15b287647c8e81e16c040fa624f9c9a077323ccd850afa3298240e4cd4537e7c4fd055e097042bf71f6eb8cddf68a6dadd5ff

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              1KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              aa1dea9339cb03117b8d265cdf73a3d5

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              543dd94fdac813d641fb3f4a8029639ff8c1b593

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              9363bc5d8a4dbbc96d86e855a4785a17a13de9fac7fccf325e6497388cea6de2

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              22e99f752e952ecccbad7ff1dc646370a2579e0059f5092829245da8109fd55cbb59c85aea58a23f67766399766b3db1993d44a202e2c0e1fcb0b5d7b278dc08

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              9f3822c3d30c214fe1296c169a1609b0

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              db469fbb6516c39a08bb96c8c2652a0805942178

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              d85ff0231d9a2c0b1d474940cc8fb148fd553faef7cedda62a25d6e313e1002e

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              7f4764ae4b886f99f356fe4fdedd82be160f508e208d7a5d9af4eb5165a94f71562f9b34c85cb46753e0ec5a780f15e5d2766ee77204b45fece2abe63d26e762

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe62845d.TMP
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              873B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              97b27f088ac37d085f32674064911f2a

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              9bfdad67f3bf02c67acac4502b8088238281b734

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              39c5a303d68657238f3a6cba73d410ae82a17e6fe9ae783cb8e19677786ef46c

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              1956765500cfd8a5743554db8192503bc211311f232c259215788627a812bcc46046ef504d6ee12dc8a21c1fe2fd5ff532e52a2b01ad6fc9ba233a9341e47cee

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              16B

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              6752a1d65b201c13b62ea44016eb221f

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\e95ddb55-7f35-4ccb-b1bf-66e8b2722bcc.tmp
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              7KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              7ada9ad2418ec1e8f439473164c3f425

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              c4969da5cbb600a0ffc708f9a3e54cac25ce96dd

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              0f3ef05919967cb26b2d9231544d79f89ac54f33390495d05a254732c3edf7e2

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              55dba40436824ae7e9ef2fd236bcd00d58bb15bf7f0477fbf8350492b82c369e0bb3f072a0dbdbacf417076871b0b156966958dd88160ec00a686e3ff29f726f

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              10KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              484343a4d62955a4c0a1440fbcce52ab

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              8e13687dcbd64888a2c0f0fdbb0cf928fcbfc75e

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              b2839b7b4ef4b3e63739778bdf3675d5c816e6d4d52e239d4066d350cd51b2b2

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              51a3ea0e8dd684b758940a75bf04682b02a360529cd029be756cd6d0bd7e7d618adba31253b217271d78ce1c7ef4930e237925c78cbd29ffe4b683cf037f0b58

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              11KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              09e8fb9cda56f4b6554e5c719107973e

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              b3d725518d876f8b8464a37cb7ec175e0559873b

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              0dce3f2ac922a74506e309c3ea3017ac382af5c66f11d443e1cbeeb4e7feb2c4

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              13cdf60612efa881619ca5c95013d9484e2210547887d6406328f4f026cf6a1db26f0a0d14b9d9c5955dd66c5aa283f318573ce2a2dd9f325fb9fcb8b4a3714d

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              11KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              0d6721aa5c9c85bb10c2cd03d50df7ee

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              8ebc6227d0b80da9489abe51ed8b36a2bbf4cf18

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              d0ac9b264476c4cb32daddbe6cb068f990caa55f6db0b4c10a190e33bfd29f4d

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              85784ab9981f6097557495c09f5d17431e9f694ceaad29afec91a81ba4b85c995653bc4f7580821a331b0ac6e8911cbcffcca781b96e75a9d7324a55f7f03e4c

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              11KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              68bc9f3e5006b1cd9c14a84a859302e0

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              05f783ea056a6a63240189cb11ef4925d11d7c24

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              a72a7b1e3b3e056ea808e5c5bd4a3469e1a1ae9defdea9ac63bd9b3011cc42fa

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              ace7016c73868f70c805b3e05fabae5eb0efd5199b3135a455045bd0836a1ae14c7339ba94916f1b3f7eaa3f7e13812aa8b095db0387031de62850ff96d0961d

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\OperaGX.exe
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              3.8MB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              e35055f2d2d64df1fb9599babbd35b2c

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              ea9fbd1b3cb9469f1195cee6c49290088bc2a77d

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              05ef6a41fcb6de5e54542353dad2816344423b379a6f33a072ff81fea5f5481f

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              fa2e23a5a0ba81bc1207a4b77a22f7d3bbf446a7f72b8fe9a3b6ab2bae5385c076ea3aaa8d5e2c77a7aa43efe5147916be08741414ec4fc95ac589046b68fc89

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202412181947441\additional_file0.tmp
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              1.4MB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              e9a2209b61f4be34f25069a6e54affea

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              6368b0a81608c701b06b97aeff194ce88fd0e3c0

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              e950f17f4181009eeafa9f5306e8a9dfd26d88ca63b1838f44ff0efc738e7d1f

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              59e46277ca79a43ed8b0a25b24eff013e251a75f90587e013b9c12851e5dd7283b6172f7d48583982f6a32069457778ee440025c1c754bf7bb6ce8ae1d2c3fc5

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              7.3MB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              49e7ebda27b78f0995322e0fa63336b3

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              6e38e971bc7f249e4fd726d25a40a38dcb5acf3b

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              4cb3d4754510e21dbd794a59eb47ff4d811064ccb9c74b02b1d62a96c9f2de7d

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              ac6cfac6ecaa9feb74ee5631aa09649d2db33f6fcdbf4f65a0216f396d8b2e8ff5d1c62b14f6d025f29e37b3eccf87e9b838024e6c82502c956a21f686268b18

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\Opera_installer_2412181947446223900.dll
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              6.8MB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              be12a3550124e852e52fa2effa9d48da

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              a026f8a03b22fcfc4b256b28177938645a423f63

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              41d5b126b9d1885a0e4f42b67366cde76ecb7573e93213ad6d6ef398d5787706

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              331320f69449e632de51f1317788f5fe64b647a8493bb13088c26dcfc86969716f06ec9956048cf4fcc817fd499ea153fcc8a26c3757da882c3f6045529d6602

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\PremierOpinion\ContentI3.exe
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              3.8MB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              bf6eed6cdc17a0130189a33a55ef5209

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              e337f5a0931f69c464f162385f1330b4d27b372f

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              ef2734657b11113a433abb7ebac962e2bf6bf685f05c5f672997f01875430168

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              90d23fd84007343e85f9fc003cf826b112fd930216a24d8c1488468443ae2a4b0c3cc2426b91c81a8228e125050e922fce05672e010e65247709fc4a7b856f1d

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\~osAF53.tmp\pmservice.exe
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4.2MB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              4ef95918e313c7ca01084629416fc714

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              5bdaba6920d3f4d1f8ea47ce693276530b5f2a9c

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              303707068aab06ab0341178558c28ce1670d10f16c39522859c4f21097a87ee9

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              75861731e9ec1a43741b2b84f60677e9fdf26d5db8d6e4e91297f826fc2c357272c18cede7f64c42798f5459900b33d693ababe4e1140e4cfc54ef7a04af633a

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              14KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              3920f3040077cdd0617715ec48c022c3

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              db54bb66c0bdc4ff480f4e68949414130ecc110f

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              492361cd869ad133599f085185893fb49d25350db18aaa3cb42d9e44e03b51bc

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              08cf017571146c30fcfd64aedd730fa5155cbd1bc2cc8ee88ba61b8d3bf1161fe0cd864068295666974e390e36c6c61836ecff2ce73ea7527a15f6b82895a759

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              10KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              f85120e3bc5b4f1643810bafebec725c

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              076227e29cab8c54fd53ad45e12d0e1a3260ea52

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              dbb38f1799a0da08dd2f5ad365e0ca959e9d8f2ac8eac32fe5debf117986e895

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              cd3243ef87391927dee9379f5923a185f3ec21a88935969f5ba0162cdad8803a9d6ccf8211c04ead8ea96cbf625d1bc18d3dc1f772a5fdaa9cd9e14f28b98080

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              16KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              c2f9c3159d194e6977668b30c651396a

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              38b8f448b5f7380246ddc7d9a056d8746f9fc58e

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              050f3780f641afa4a1166d36869075afc3430a60bc3bd23140c9b0c842e514e3

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              980f6f838f732ac22e7894082cfe1de2a659296c78c7ccc701fec212fb161382845330e688a40bccf36248d60e2f5511f29ff2956e3b8f5e0f70fa1879ee140f

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              16KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              68581c4e4cc8cc12abbb0e6fca2aedbd

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              5e16bc941d060d8322adbaa3f878630d4ecea1e1

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              94f2924723871722c9419792dc1fa262ad217735d7f1c95284ded7ffa995bba5

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              cbc2461c7952982648ebf3142e0e7ebadefb60f9bb99ac7a5e709b1363859c1056c714efa9930ba0f9a26c9b46b6fef1485057b46e857eb61889831f1e36ee04

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Users\Admin\Downloads\Delta V3.61 b_55124356.exe
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              5.7MB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              15d1c495ff66bf7cea8a6d14bfdf0a20

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              942814521fa406a225522f208ac67f90dbde0ae7

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              61c2c4a5d7c14f77ee88871ded4cc7f1e49dae3e4ef209504c66fedf4d22de42

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              063169f22108ac97a3ccb6f8e97380b1e48eef7a07b8fb20870b9bd5f03d7279d3fb10a69c09868beb4a1672ebe826198ae2d0ea81df4d29f9a288ea4f2b98d8

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • C:\Windows\Temp\REGBF4F.tmp
                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              3KB

                                                                                                                                                                                                              MD5

                                                                                                                                                                                                              1cd953676bb29d81cd77347dd8ae2c33

                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                              6af4ccbb0708380188fafb0bd8aed8900102aa05

                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                              52a2ec8bc1dc1bc6e0bd752f04fb9bc44938160d068dbe36851399aadb6b5419

                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                              a0a1e21a199c76a148de598ea0c6cf06e2737b025a0ab7cbb0a8b14b0e838d4fa9753c279b97b56383cf81dbeb5147a43fc7cebfd65e3849e7b37bec7a479451

                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                            • memory/1080-2348-0x0000000075480000-0x00000000754E3000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              396KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/1080-2349-0x0000000068F50000-0x0000000068FA2000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              328KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/1080-2345-0x00000000746B0000-0x00000000746D1000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              132KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/1080-2343-0x0000000075070000-0x0000000075285000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              2.1MB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/1080-2347-0x000000006B180000-0x000000006B248000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              800KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/1080-2346-0x0000000068FD0000-0x0000000069420000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4.3MB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/1080-2344-0x0000000075A00000-0x0000000075FB3000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              5.7MB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/1084-2355-0x0000000068F50000-0x0000000068FA2000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              328KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/1084-2352-0x0000000075A00000-0x0000000075FB3000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              5.7MB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/1084-2351-0x0000000075070000-0x0000000075285000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              2.1MB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/1084-2353-0x0000000075480000-0x00000000754E3000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              396KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/1084-2356-0x000000006B180000-0x000000006B248000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              800KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/1084-2357-0x00000000746B0000-0x00000000746D1000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              132KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/1084-2354-0x0000000068FD0000-0x0000000069420000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4.3MB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/4456-2254-0x0000000005F40000-0x0000000005F41000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/4456-2261-0x0000000005F40000-0x0000000005F41000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/4456-2260-0x0000000005F40000-0x0000000005F41000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/4456-2262-0x0000000005F40000-0x0000000005F41000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/4456-2263-0x0000000005F40000-0x0000000005F41000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/4456-2264-0x0000000005F40000-0x0000000005F41000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/4456-2265-0x0000000005F40000-0x0000000005F41000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/4456-2255-0x0000000005F40000-0x0000000005F41000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/4456-2256-0x0000000005F40000-0x0000000005F41000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5216-2365-0x0000000075070000-0x0000000075285000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              2.1MB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5216-2375-0x0000000075480000-0x00000000754E3000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              396KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5500-2437-0x0000000008640000-0x0000000008648000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              32KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5500-2433-0x0000000006920000-0x0000000006942000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              136KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5500-2436-0x0000000007310000-0x00000000073AC000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              624KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5500-2435-0x0000000006EA0000-0x00000000071F4000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              3.3MB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5500-2800-0x000000000E6E0000-0x000000000E772000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              584KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5500-2434-0x00000000069F0000-0x0000000006A0E000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              120KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5500-2430-0x0000000006970000-0x00000000069E6000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              472KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5500-2429-0x0000000006500000-0x00000000065B0000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              704KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5500-2428-0x00000000062D0000-0x00000000062DE000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              56KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5500-2799-0x0000000010220000-0x00000000107C4000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              5.6MB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5500-2425-0x00000000000F0000-0x00000000011F6000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              17.0MB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5500-2426-0x0000000006000000-0x0000000006008000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              32KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5500-2427-0x0000000006310000-0x0000000006348000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              224KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5952-2095-0x00000000037B0000-0x00000000037B1000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5952-2083-0x00000000037B0000-0x00000000037B1000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5952-2084-0x00000000037B0000-0x00000000037B1000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5952-2089-0x00000000037B0000-0x00000000037B1000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5952-2092-0x00000000037B0000-0x00000000037B1000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5952-2093-0x00000000037B0000-0x00000000037B1000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5952-2094-0x00000000037B0000-0x00000000037B1000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5952-2085-0x00000000037B0000-0x00000000037B1000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5952-2091-0x00000000037B0000-0x00000000037B1000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/5952-2090-0x00000000037B0000-0x00000000037B1000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/6040-2116-0x00007FFB43B50000-0x00007FFB44020000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              4.8MB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/6040-2115-0x00007FFB51440000-0x00007FFB514AB000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              428KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/6040-2114-0x00007FFB500D0000-0x00007FFB50399000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              2.8MB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/6040-2113-0x00007FFB512F0000-0x00007FFB513AE000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              760KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/6040-2123-0x00007FFB4F410000-0x00007FFB4F47A000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              424KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/6040-2125-0x00007FFB4FC20000-0x00007FFB4FC51000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              196KB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/6040-2124-0x00007FFB48990000-0x00007FFB48A98000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              1.0MB

                                                                                                                                                                                                              Download

                                                                                                                                                                                                            • memory/6040-2126-0x00007FFB51C30000-0x00007FFB5236F000-memory.dmp

                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                              7.2MB

                                                                                                                                                                                                              Download