2e67d5e7d96aec62a9dda4c0259167a44908af863c2b3af2a019723205abba9e

Resubmissions

19/12/2024, 11:32

241219-nnswfasnds 8

19/12/2024, 11:31

241219-nmrxrasmhy 10

19/12/2024, 11:28

241219-nlhbxssqer 5

19/12/2024, 11:15

241219-nclyrasmfr 10

Analysis

max time kernel
1035s
max time network
1049s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
19/12/2024, 11:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

AutoClicker-3.0.exe
Size

844KB
MD5

7ecfc8cd7455dd9998f7dad88f2a8a9d
SHA1

1751d9389adb1e7187afa4938a3559e58739dce6
SHA256

2e67d5e7d96aec62a9dda4c0259167a44908af863c2b3af2a019723205abba9e
SHA512

cb05e82b17c0f7444d1259b661f0c1e6603d8a959da7475f35078a851d528c630366916c17a37db1a2490af66e5346309177c9e31921d09e7e795492868e678d
SSDEEP

12288:GaWzgMg7v3qnCiWErQohh0F49CJ8lnybQg9BFg9UmTRHlM:BaHMv6CGrjBnybQg+mmhG

Score

8^/10

defense_evasion discovery evasion upx

Malware Config

Signatures

Disables Task Manager via registry modification
evasion
Downloads MZ/PE file

Executes dropped EXE 4 IoCs

pid	Process
5976	HorrorTrojan123 (1).exe
2212	HorrorTrojan123 (1).exe
5912	Firefox 21.3.7 Setup.exe
6092	papaj.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 5 IoCs

Web Service

T1102

flow	ioc
1	raw.githubusercontent.com
3	raw.githubusercontent.com
50	raw.githubusercontent.com
83	raw.githubusercontent.com
84	raw.githubusercontent.com

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/files/0x000500000002a7d9-2461.dat	upx
behavioral1/memory/5912-2499-0x0000000000400000-0x0000000000449000-memory.dmp	upx
behavioral1/memory/5912-2509-0x0000000000400000-0x0000000000449000-memory.dmp	upx

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Subvert Trust Controls: Mark-of-the-Web Bypass 1 TTPs 2 IoCs

When files are downloaded from the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier with a specific value known as the MOTW.

defense_evasion

SIP and Trust Provider Hijacking

T1553.003

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\HorrorTrojan123 (1).exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Firefox 21.3.7 Setup.exe:Zone.Identifier	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 8 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	reg.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	papaj.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	AutoClicker-3.0.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MS 0735.6+7421-safety.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	HorrorTrojan123 (1).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	HorrorTrojan123 (1).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Firefox 21.3.7 Setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133790816501613196"	chrome.exe

Modifies registry class 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4018527317-446799424-2810249686-1000_Classes\Local Settings	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-4018527317-446799424-2810249686-1000_Classes\Local Settings	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-4018527317-446799424-2810249686-1000_Classes\Local Settings	OpenWith.exe

Modifies registry key 1 TTPs 1 IoCs

Modify Registry

T1112

pid	Process
4336	reg.exe

NTFS ADS 8 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 733934.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\HorrorTrojan123 (1).exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Fake Nvidia installer (pass 1234).rar:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Fake Nvidia installer (pass 1234) (1).rar:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 355751.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Firefox 21.3.7 Setup.exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\MS 0735.6+7421.zip:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 722413.crdownload:SmartScreen	msedge.exe

Suspicious behavior: AddClipboardFormatListener 3 IoCs

pid	Process
4504	vlc.exe
732	vlc.exe
5620	vlc.exe

Suspicious behavior: EnumeratesProcesses 32 IoCs

pid	Process
4456	msedge.exe
4456	msedge.exe
3312	msedge.exe
3312	msedge.exe
4288	msedge.exe
4288	msedge.exe
3560	identity_helper.exe
3560	identity_helper.exe
1792	msedge.exe
1792	msedge.exe
5028	chrome.exe
5028	chrome.exe
788	msedge.exe
788	msedge.exe
1344	msedge.exe
1344	msedge.exe
6072	msedge.exe
6072	msedge.exe
6136	identity_helper.exe
6136	identity_helper.exe
5836	msedge.exe
5836	msedge.exe
5176	msedge.exe
5176	msedge.exe
5176	msedge.exe
5176	msedge.exe
1900	msedge.exe
1900	msedge.exe
624	msedge.exe
624	msedge.exe
5200	msedge.exe
5200	msedge.exe

Suspicious behavior: GetForegroundWindowSpam 3 IoCs

pid	Process
892	AutoClicker-3.0.exe
5748	OpenWith.exe
4504	vlc.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: 33	956	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	956	AUDIODG.EXE
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe
Token: SeShutdownPrivilege	5028	chrome.exe
Token: SeCreatePagefilePrivilege	5028	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
4456	msedge.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
5028	chrome.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
1344	msedge.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
4504	vlc.exe
732	vlc.exe
732	vlc.exe
732	vlc.exe
732	vlc.exe
732	vlc.exe

Suspicious use of SetWindowsHookEx 15 IoCs

pid	Process
5976	HorrorTrojan123 (1).exe
5976	HorrorTrojan123 (1).exe
2212	HorrorTrojan123 (1).exe
2212	HorrorTrojan123 (1).exe
5748	OpenWith.exe
5748	OpenWith.exe
5748	OpenWith.exe
5748	OpenWith.exe
5748	OpenWith.exe
5748	OpenWith.exe
5748	OpenWith.exe
4504	vlc.exe
732	vlc.exe
5620	vlc.exe
6092	papaj.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4456 wrote to memory of 4344	4456	msedge.exe	80
PID 4456 wrote to memory of 4344	4456	msedge.exe	80
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 4828	4456	msedge.exe	81
PID 4456 wrote to memory of 3312	4456	msedge.exe	82
PID 4456 wrote to memory of 3312	4456	msedge.exe	82
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83
PID 4456 wrote to memory of 1120	4456	msedge.exe	83

C:\Users\Admin\AppData\Local\Temp\AutoClicker-3.0.exe
"C:\Users\Admin\AppData\Local\Temp\AutoClicker-3.0.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
PID:892

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9a5cd3cb8,0x7ff9a5cd3cc8,0x7ff9a5cd3cd8
  2⤵
  PID:4344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1900 /prefetch:2
  2⤵
  PID:4828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2556 /prefetch:8
  2⤵
  PID:1120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:3964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4672 /prefetch:1
  2⤵
  PID:2324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4556 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3948 /prefetch:1
  2⤵
  PID:3396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4052 /prefetch:1
  2⤵
  PID:4596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3476 /prefetch:1
  2⤵
  PID:1828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5340 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4288
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5568 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4832 /prefetch:1
  2⤵
  PID:2440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4548 /prefetch:1
  2⤵
  PID:4140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
  2⤵
  PID:3808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
  2⤵
  PID:220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6220 /prefetch:1
  2⤵
  PID:3976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6248 /prefetch:1
  2⤵
  PID:1416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
  2⤵
  PID:1956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1844,648891037942237304,8711221617649498747,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5924 /prefetch:8
  2⤵
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:1792

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4560

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1144

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1184

C:\Users\Admin\AppData\Local\Temp\Temp1_MS 0735.6+7421.zip\MS 0735.6+7421-safety.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_MS 0735.6+7421.zip\MS 0735.6+7421-safety.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2252

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x0000000000000478 0x00000000000004E0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:956

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:5028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9a867cc40,0x7ff9a867cc4c,0x7ff9a867cc58
  2⤵
  PID:4260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1872,i,14611752329234505431,13538823139327456483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1672 /prefetch:2
  2⤵
  PID:3932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1692,i,14611752329234505431,13538823139327456483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1996 /prefetch:3
  2⤵
  PID:2196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2120,i,14611752329234505431,13538823139327456483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2156 /prefetch:8
  2⤵
  PID:2952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3096,i,14611752329234505431,13538823139327456483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:4336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3196,i,14611752329234505431,13538823139327456483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4400,i,14611752329234505431,13538823139327456483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4412 /prefetch:1
  2⤵
  PID:4864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4696,i,14611752329234505431,13538823139327456483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4700 /prefetch:8
  2⤵
  PID:3508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4728,i,14611752329234505431,13538823139327456483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4736 /prefetch:8
  2⤵
  PID:5032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5004,i,14611752329234505431,13538823139327456483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4740 /prefetch:8
  2⤵
  PID:8
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4656,i,14611752329234505431,13538823139327456483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5020 /prefetch:8
  2⤵
  PID:2368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4676,i,14611752329234505431,13538823139327456483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4700 /prefetch:8
  2⤵
  PID:2044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5148,i,14611752329234505431,13538823139327456483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4932 /prefetch:8
  2⤵
  PID:1148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5160,i,14611752329234505431,13538823139327456483,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4700 /prefetch:2
  2⤵
  PID:2852

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3604

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4608

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:2248

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Modifies registry class
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0xe0,0xe4,0xe8,0xdc,0x10c,0x7ff9a5cd3cb8,0x7ff9a5cd3cc8,0x7ff9a5cd3cd8
  2⤵
  PID:2508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1848 /prefetch:2
  2⤵
  PID:1564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2008 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2284 /prefetch:8
  2⤵
  PID:1644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2840 /prefetch:1
  2⤵
  PID:1964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2848 /prefetch:1
  2⤵
  PID:1708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1
  2⤵
  PID:5556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
  2⤵
  PID:5564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
  2⤵
  PID:5872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4736 /prefetch:1
  2⤵
  PID:5344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3944 /prefetch:1
  2⤵
  PID:5360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
  2⤵
  PID:5604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
  2⤵
  PID:5612
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
  2⤵
  PID:3852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5080 /prefetch:1
  2⤵
  PID:3596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1
  2⤵
  PID:5852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6212 /prefetch:8
  2⤵
  PID:5572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1
  2⤵
  PID:3200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6248 /prefetch:8
  2⤵
  PID:5536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3888 /prefetch:1
  2⤵
  PID:5628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 /prefetch:8
  2⤵
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:5836
- C:\Users\Admin\Downloads\HorrorTrojan123 (1).exe
  "C:\Users\Admin\Downloads\HorrorTrojan123 (1).exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of SetWindowsHookEx
  PID:5976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6480 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1
  2⤵
  PID:1512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1788 /prefetch:1
  2⤵
  PID:1372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2136 /prefetch:1
  2⤵
  PID:6096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
  2⤵
  PID:3792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1720 /prefetch:1
  2⤵
  PID:5412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4052 /prefetch:1
  2⤵
  PID:6128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4648 /prefetch:1
  2⤵
  PID:5200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
  2⤵
  PID:2724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5928 /prefetch:1
  2⤵
  PID:1052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7120 /prefetch:1
  2⤵
  PID:5584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7124 /prefetch:1
  2⤵
  PID:5968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
  2⤵
  PID:2612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
  2⤵
  PID:5796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1704 /prefetch:1
  2⤵
  PID:6112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7468 /prefetch:1
  2⤵
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5924 /prefetch:8
  2⤵
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:1900
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Downloads\Fake Nvidia installer (pass 1234).rar"
  2⤵
  - Suspicious behavior: AddClipboardFormatListener
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6636 /prefetch:1
  2⤵
  PID:3364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5924 /prefetch:8
  2⤵
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
  2⤵
  PID:5412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7912 /prefetch:8
  2⤵
  PID:1136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7624 /prefetch:8
  2⤵
  - Subvert Trust Controls: Mark-of-the-Web Bypass
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:5200
- C:\Users\Admin\Downloads\Firefox 21.3.7 Setup.exe
  "C:\Users\Admin\Downloads\Firefox 21.3.7 Setup.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:5912
- - C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\6205.tmp\Firefox2137.cmd" "
    3⤵
    - System Location Discovery: System Language Discovery
    PID:5588
  - - C:\Windows\SysWOW64\reg.exe
      reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f
      4⤵
      System Location Discovery: System Language Discovery
      Modifies registry key
      PID:4336
  - - C:\Users\Admin\AppData\Local\Temp\6205.tmp\papaj.exe
      papaj.exe
      4⤵
      Executes dropped EXE
      System Location Discovery: System Language Discovery
      Suspicious use of SetWindowsHookEx
      PID:6092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1
  2⤵
  PID:1052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4948 /prefetch:1
  2⤵
  PID:4048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7868 /prefetch:1
  2⤵
  PID:6000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2320 /prefetch:1
  2⤵
  PID:3844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1688 /prefetch:1
  2⤵
  PID:5296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1
  2⤵
  PID:744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6812 /prefetch:1
  2⤵
  PID:1144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7468 /prefetch:1
  2⤵
  PID:3796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7196 /prefetch:1
  2⤵
  PID:4552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1
  2⤵
  PID:1560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
  2⤵
  PID:2876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2908 /prefetch:1
  2⤵
  PID:5508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
  2⤵
  PID:5256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4736 /prefetch:1
  2⤵
  PID:4628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7856 /prefetch:1
  2⤵
  PID:1076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
  2⤵
  PID:4580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4916 /prefetch:8
  2⤵
  PID:1940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
  2⤵
  PID:3672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:1
  2⤵
  PID:5436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7916 /prefetch:1
  2⤵
  PID:5556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7824 /prefetch:1
  2⤵
  PID:5252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1
  2⤵
  PID:900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8016 /prefetch:1
  2⤵
  PID:1056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6992 /prefetch:1
  2⤵
  PID:4288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2412 /prefetch:1
  2⤵
  PID:5760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2704 /prefetch:1
  2⤵
  PID:5764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1
  2⤵
  PID:1352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8104 /prefetch:1
  2⤵
  PID:4336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=7900 /prefetch:8
  2⤵
  PID:2084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3900 /prefetch:1
  2⤵
  PID:2312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4764 /prefetch:1
  2⤵
  PID:4944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,10778362900195400992,6622428821084791078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8040 /prefetch:1
  2⤵
  PID:3416

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5340

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5416

C:\Windows\SysWOW64\werfault.exe
werfault.exe /h /shared Global\6a06ea30e1e34905ade33dfe24f685f8 /t 6048 /p 5976
1⤵
PID:5864

C:\Users\Admin\Downloads\HorrorTrojan123 (1).exe
"C:\Users\Admin\Downloads\HorrorTrojan123 (1).exe"
1⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:2212

C:\Windows\SysWOW64\werfault.exe
werfault.exe /h /shared Global\f0942d1b7768464a8f801d5fa9c50c10 /t 4324 /p 2212
1⤵
PID:2124

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:5748
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Downloads\Fake Nvidia installer (pass 1234).rar"
  2⤵
  - Suspicious behavior: AddClipboardFormatListener
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:4504

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Downloads\Fake Nvidia installer (pass 1234).rar"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
PID:5620

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x0000000000000478 0x00000000000004E0
1⤵
PID:2852

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:6080

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:772

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

SIP and Trust Provider Hijacking

T1553.003

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
c214f0957ac26bb394ed7bf55eb30fb1

SHA1
3713765b15a13fc0c0aadb3eaceb2e2a4d7403d2

SHA256
6a3d56cbc5befcf57c1fab2ce44e13bff228a9e0008e32150513f36fbfaadcc3

SHA512
dc654bf96f488e1e8fd4adfe5fe2a5582c81cca901f5ebb5ed02345c285b4c4fd9648206d410a7df39f7afe0bde5f0ee49e2370e5760294d0f4426417b6442f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\_locales\en\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8afc2f87843df76d4f58c8ee0f2f2ac9

SHA1
c4282757a6f05177e1f657d88a1dc33911c032d1

SHA256
018d07e68b95c4bec07d89ed7582b4dd448139422b1af7f8bd757471c24897f8

SHA512
edd792b1519f6ced01f5a9d970f89a75584858c66ffb3da17a3858fd93655ae0c5f35cae199fb7f6d8e06113184d83eecb989287d415f330fee4e4e7069a637c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
05e074f901cb5aee7191073b3fab6e87

SHA1
7fd448ef25227da7d4adc0a5e151f739ad74afe8

SHA256
103a9c244b801b40c471c60ac156a383dfe86deaff28421344d183d302a98fe8

SHA512
08a3a366416c939f20d4cf891dfc9ab1464231a03e9e831f7873787bc433b7d078e6336d11fb2630aac37b1cc6b28c72391a1275788742f95c2cf863ba9db5f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
097aec730b166a0e69c051d001443a89

SHA1
010defff495d28b3f24a31f8ccf870f60048beca

SHA256
d6e3b1346258c458521faee398a64f30a2df075762cc703c92ba24a6c4c5349c

SHA512
a9bb499b827d0a3e70dd51dd7c956031ad236d57c8c03b3b01390397841e6ea267b32a603a6732807ad639af55b42ed1fb39ac19a42d770c73424c80f77b765c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5576b9bed277946f959586f2796fbf3e

SHA1
857e8d95b993dd853e792d03334f8d29176e565b

SHA256
898d333e3936323a675ea66ab9822fd6288d848b4e73e52bcb30ff0cfd636c4f

SHA512
2203b35f39e318d858b559f3f578739f5119a6c886c2a734ecf28408d8a832cbafa6d02dcba626f43e804b46d5aad37ed89e74d35a75d208f9d981a35f88ff39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3d86ec108c150440f93976b852b68510

SHA1
eba31e77ed2b4edac4250feb04fd1743366e97e2

SHA256
73c0b2fc0364aaef0f4243ad2bfda8acf8708e9de4f9bdada1f4c4d118d33399

SHA512
d256c078f150d2127e782b4f507d27f0ae4f973321a2df21b11b876a65bbf5f6f952c5ad73adce2fd0f9b125dec952aa460edd9f9dfef38d373056c0fccde563

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
509f421be3ef4ab737ef6f31b28ac687

SHA1
b4e3c52060ce0e3bb89f2973037a3ef13a86aeab

SHA256
e9f06a0fceb6a5b276731d971659e4abe646d9217f1a24ae4132f8eac75f9b59

SHA512
a008dd7d8db6c1779a01f3abbdb98162d9ae755b4f1b30bd33479b29d85ea9e7fcb4f65e97329d80a0629eeaf7996141cf632b0c3b0a4a68dd451b8e98f3093e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
1d183daa2cc67d57db5fb16ec6d1916f

SHA1
ec3161bd1c9fbba4b95ada6008e26d9a78060bb8

SHA256
5803c24fd490f44794a71cd7db1d01cb17f38fa713b52eb5ecefa77d681e19c6

SHA512
50ff577c37a3843fd76e1acd33b7dc659e0110fc13e595256a0803edda6cc13895e4a6e31f3cf46c34deb6c3a7e1806e6ab810634f12912c8cebb37f88bc01cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_1

Filesize
264KB

MD5
254834949c884b86aca05c1c214a93c5

SHA1
f79359101f352bfb0d836b70c4337f5752842ba3

SHA256
3988e6954bcaca7888389485c2ffbdb312c641aca15f9e983431403b896e51d1

SHA512
a5efcae01979c3406e43a162162746216c83f91145a1ffdb6cf21e50b24c2aa6c5f462e385fc2c0b31ffb21801298678b7c134f1157542e787678fe67c48cf1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
8cd347283ed9c0f43e539791e80702a2

SHA1
f505fc376b1e66216ab949503a7e211219a4f4fb

SHA256
1e69d5146a63bc13b1651c6bb821a28055625d105f77d47ba357d2fc9ac131e2

SHA512
1abcb3c5ca455e81695f5f1d74aff51e066f31312f1f6f29dd4e0279a2dbf60765afdd15ed02b5b083a912a0aec5ae6795b7493221a4c1b87f56c245746a19e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
e6a85e82486696377e423e9af2aee2a8

SHA1
8e0a3a93a0eb7b06107de08cebd1977d8c1f508e

SHA256
e4e446cbda8527115e6126102c446360ef6331b9a9f7135126907b5f9df00810

SHA512
24ed712a4359d67d4b986ef8e392d6ab2f60a7f698fe5d7fe014df7f182663c11bfbb60b57290c5b7d9b574c736c248e80b3437743b13196446dcc8dec9edfe6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
051a939f60dced99602add88b5b71f58

SHA1
a71acd61be911ff6ff7e5a9e5965597c8c7c0765

SHA256
2cff121889a0a77f49cdc4564bdd1320cf588c9dcd36012dbc3669cf73015d10

SHA512
a9c72ed43b895089a9e036aba6da96213fedd2f05f0a69ae8d1fa07851ac8263e58af86c7103ce4b4f9cfe92f9c9d0a46085c066a54ce825ef53505fdb988d1f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7e1b7ff45d531a2931ee35615849f064

SHA1
c5d42c355799573903848cac495a4c6d1ee259bc

SHA256
b8e81c6731f805815e4a3e2a552608437546db93b55a507eb096dff25bfa69d0

SHA512
500841f6e7bd9777c94ed1067b6df5b248a0a1050c1bf2729a3796c851178504579330bcf185c60041c8f2b490a89a53e2572f7f9af8365d1bda2bf0eed1e31e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
582a6adcd746179259aa2ff6f82b987a

SHA1
625f0e04ddd0715fb1c82bd5245156ac7d0cf135

SHA256
1db27399a207f1bb20bf8fc320d7811826e7537b24c7fdb5c8b3a8f943aceb49

SHA512
a4c1d6853cd74f5ea0e49dd9f4d70a0355d57d1304f74f990efb9e854c90fca6e5d42866b8715a6637b26fd95d881faa733992a6741990b641a21faf0f2deaca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
003b92b33b2eb97e6c1a0929121829b8

SHA1
6f18e96c7a2e07fb5a80acb3c9916748fd48827a

SHA256
8001f251d5932a62bfe17b0ba3686ce255ecf9adb95a06ecb954faa096be3e54

SHA512
18005c6c07475e6dd1ec310fe511353381cf0f15d086cf20dc6ed8825c872944185c767f80306e56fec9380804933aa37a8f12c720398b4b3b42cb216b41cf77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\1dbf17ae-3cff-4fa3-b83b-8c616f3fcbd2.tmp

Filesize
1KB

MD5
7dc071ce74a871b8fb9f7415efc9e0bc

SHA1
213214b79ec2672e577268423b1b2c0822cf3a86

SHA256
7dcfccd2a24364fdedfff6343f907ee1998d0b736cd41afdd6c21f36d92efe0c

SHA512
4e1b469ee01ecb1f59a169e78b3fa35b4d610fd06f942528092ac9e58b597294c4822336e926eb26905786dd0aacea0593cb81f84532ace6b8d340ab97be71de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
67KB

MD5
69df804d05f8b29a88278b7d582dd279

SHA1
d9560905612cf656d5dd0e741172fb4cd9c60688

SHA256
b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608

SHA512
0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
62KB

MD5
c813a1b87f1651d642cdcad5fca7a7d8

SHA1
0e6628997674a7dfbeb321b59a6e829d0c2f4478

SHA256
df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3

SHA512
af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

Filesize
31KB

MD5
ab1589a0ccf1119b52eb614bfc3f843d

SHA1
c948659d6526488cda5a544bee87c447fe15125b

SHA256
085c3eade08c2923b84757a1b9127008205d8abccadeb52e4d2bd400d46c3e30

SHA512
29b1fb88891c15da1d7704d37f2f10d2117aa21179ea192e25a4a9c3339071399783aa5ec65a8ba761c672cbd047453b1e5be0ed97eb257d77217cf1c2036c7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043

Filesize
40KB

MD5
3051c1e179d84292d3f84a1a0a112c80

SHA1
c11a63236373abfe574f2935a0e7024688b71ccb

SHA256
992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3

SHA512
df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

Filesize
53KB

MD5
68f0a51fa86985999964ee43de12cdd5

SHA1
bbfc7666be00c560b7394fa0b82b864237a99d8c

SHA256
f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f

SHA512
3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062

Filesize
59KB

MD5
9dc10e4fd1dec1d998e43a473ec6f0e3

SHA1
aae0b952db9ecfadef6630383440ce69459b85e9

SHA256
a906cd681ae4eb92876a5452d522efe94293277e2a09476533b5802b80fc9936

SHA512
8c28ce6e8fa2a1a157a8d19867e57f980447faad4a0caf6f1a902cea8ecae88fa71a27a85d380d50d5f3c93a3a91da6f42a6959272724d92b0994d2ce43f885f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000063

Filesize
57KB

MD5
99b5d54b1edf075335a566dd4ce20048

SHA1
d68fc6cae79831e40ec7eb9b70d5ee988b21a6c7

SHA256
f4fdc5cfa80c813c2b93536e7eb354c2ef2927baf78b101e79e02a34dd6f0182

SHA512
4ee9d68cc2ed14d43cf26d792e3fbc621929b2200c0ffe3669b29cab3c92f42ff72d719ebe614287c6c056b3ce08b866cdec0c3cd4132bbf626eb4cea30ad80e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000067

Filesize
44KB

MD5
ec25a5e97c6b15e73da25c97fd25a921

SHA1
07e4340b67ce61548f587e68d891e5aa9dba5aee

SHA256
b4d7c6e35b2845a2592848a8b68243383ab99cdd7967415516813449cf86ecae

SHA512
13447ae936421f00c2f20b75bd5ce25ceb829ec02147a1533522ddff53635aaa70c34b9e4fc8169838c120208c416d3cece1656aeb37ff0a64376ede607ee3e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006c

Filesize
17KB

MD5
e3962656c2316fbd5606cf2cb557e3d8

SHA1
e2bf7351b7db013802074075a294a6bd87ee46d4

SHA256
36e289d4476518131007095e1198050d2786952aa096101a26ad4435e3787d95

SHA512
385ea553a9dc42f9cc4b1499706831c5f29e665256f23cf31f8b1f17fe11d831c7a0dbde2cd58333d416d9b6b90762b31778bfe54dd433d23a6157bb10735b36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000091

Filesize
29KB

MD5
ef9b1153ccba496ab4de4b1445fd17c0

SHA1
df2cdc28d467b9043f624fcf663f7a90ae7ee169

SHA256
1edf23b6952f21ea38eb2e642d2f86ed8c68fcc6b92acd3f4ea622806edb88e7

SHA512
cd311b76584055bdaa5082fea3604b59c3ec0843c04c30dcc1f54c55bf9eee69d4407093bb047d74c8bbfa18803a3f1d905fd1656aab846b7b6f87550d8cabab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000093

Filesize
41KB

MD5
ded2cd460ff22008f666083b9ba6b240

SHA1
eb3819ad9d171461071a0a4e7ba66d094109dac0

SHA256
b6b4518584527c9d6bc6549c708761ecfbfc55a1ab49b91ee5a2eca80de34168

SHA512
579b153c32ef22055b115ea9a7317c105733824684ec5c95a61b467fb29786e5357ce421868a581bb516bb47b43926fc2859a2bfc4d1146f07ac4fde88d75b72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009c

Filesize
238KB

MD5
9ffe76212ca8d1322c2fe859e29f9399

SHA1
167b014a0c2d337af3ac1fa471ca13b817807281

SHA256
cf197903c170a9c6b81bfa197122f5f88ff0a9247bf1d78d173af44d63b4954b

SHA512
94ba0cba34963d556b52ed031f5d674a446500d86f541b5ff9f74e2d47420e2fcb2c6ba46943220329a2008ec31d9e632cd6bf0269c03a28e9866652cd6b3820

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a0

Filesize
20KB

MD5
93be7955935adeb48b77528f2dc2e9ea

SHA1
58cbdc14353bbdc7e8457c4c6a305907eabb008c

SHA256
e334891b33bc300d351d94b78cafae565a30e80c5e52a4ddaa158a8dae64511f

SHA512
cc6f0ae67fe3a11c0dfcacaac2d3c8c00a51caa81994b9fb20c1f855a053cfbe17c0374711990ddfed39a38a138357e55a8d5294a920c2ef80790845520b43b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a4

Filesize
49KB

MD5
7ca090d5f0c1a9e7d42edb60ad4ec5e8

SHA1
7278dcacb472ec8a27af7fbc6f8212b21e191042

SHA256
4039fef5575ba88350a109b2c8d9aa107f583acb6cbe2ac8e609071567c4cc76

SHA512
c4f2d23eacf74f87de8dea6e4532b120253bb9ad356341532f5e1aaf2ce90d137f46b50df7de5250bce4eca1fbfb74da088accd7c626fa853dc524abad7bfe8b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a5

Filesize
635KB

MD5
b537ca5fec304dcf3ce3171edf1e8fa4

SHA1
52665eefc08697d21f82719269fbfef687a643d7

SHA256
50b93c8ccbf1304dde0b424bafadf2fb654597bf4a35def9f29356988dfeb2ca

SHA512
81ae8df536c60aa8eb9a687625a72de559d15018c5248e0bc12ce7ed45aa7b960e999b79a8e197c38ddde219aa942ba4534f154aa99386e5e242d18a7d76c805

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a6

Filesize
34KB

MD5
e85ac71b59dadc1488a1c888db91c5ea

SHA1
a4aa7fc9226bd867a978945a27fd78a0a82cc994

SHA256
7441da6812af01a6eb9afa5d602986b233a57700cb721343b0aa9830a15def0d

SHA512
2b4d952a258f9001c2d8a42402c98788759138669750667524df2031d3926e21836b037974ded859bebf88fd9296791a6a2de65561b8098f066f9cbb8ae719ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a7

Filesize
34KB

MD5
6242c13ec6b35fed918ab71eb096d097

SHA1
691e6865e78afb11d9070056ba6cd99bdad7b04e

SHA256
b1c7566622f40bad557a6c5b7bc5b8ae25b4da191ac716cc7923282eef96034c

SHA512
52914b4ca7362e9ebe326ea89006f5cc096fd4d1c360cae33ca768af92fe6fdb5078d0848fb6dc092848ba0e3d3f51bfb20a292250c35e8bd2e79fd5a19dd7b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\09ab848cf7414468_0

Filesize
29KB

MD5
2b1f4ffccfdabdd7260f2760a8627b9b

SHA1
efd1dc0e9992d5d25b14513c4f4d1ec071d88a89

SHA256
5408f0f80172c916c1a59892f0eeb35c015f807298d6a947e6c65087ac9d3c52

SHA512
6bc68dfba858ba211819ad1f2cb5df75b1e5787ba214469a416f467671aee1283047ed747df836bce9f155e9e574c907a54ed73be365e78b6aca96c34aaac8bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a664b67dc903cf4_0

Filesize
14KB

MD5
afd057aab1fb8209328ada5502932390

SHA1
bab7c26ba21d6d613a7d92b6716446610c2b99a4

SHA256
5eeb42072acc97cb21e033af7b9a0c8f2a8cae47cc9425d9963d706e320549f9

SHA512
945fc927f5b4a2ec4f4e90dc04993993a80dd0c05078cc02d3c56d93bc306a5817ef36e4c5a301eb8e848031b4406fe58df9f0da2fc8c4d291aa9b39b13c12fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4de9df79c57fb3d8_0

Filesize
7KB

MD5
90f8f756a2f74f27df1172dcd81c368a

SHA1
f512d22a2900e24a901849d8b8c6328748c04783

SHA256
246659669be76f6fd5bb0a1948d9177e7adced8f38a63a6265ed8c1f05bd64f5

SHA512
8cb2eb66185e2479822a9a85369cbde33606a645cd8b970a475d6ea4d740649d170197c43b95524957eddcbeec67027b022f939036cee21e3d76afca891f6818

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\624c9bd517fc9c91_0

Filesize
1KB

MD5
33843fc151d7052951c7574696e20a25

SHA1
9c3be7fa45cd88c78cd53d8bd694e90784cd3cfc

SHA256
45f5734c41e714eb1df9c29082f49ebc06293750a3fc3cf315f347d2a1e0445e

SHA512
d1f3bc02a3ebbbbceedca49e0a700027649ab1abdc3dede732b7cfbb33e5d1a4488d7b3ebafe55188fbaec1535fa6aec83d43695ef2a1c9b787da0fc64d9b079

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6a5e8bb53a565b9f_0

Filesize
2KB

MD5
1e0cdbabf0e9e4168077ee69888c2e92

SHA1
a374d736bf45867589ddb80f387dc2e52d16f9a8

SHA256
54256c66e1685ebbb307355a4941a336b06d8536c809447061f7da4e644b06eb

SHA512
4e5042f5ffbd3cee10068f78c4daebeaef4a9f13c6dc79d700a5d141cad86d931aa6691fd891921219eb85282b996046b4dd5d36da03c958726351575db8dd1c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0

Filesize
1KB

MD5
4465960ba6bd93a127ed20973b1c0fd7

SHA1
4cc7fe87caa9b9fc3c3093d328866b948244edd2

SHA256
3cab4eda32a1ad3a4638c5c3a6f470de41f9d4c67cbf66cdbd52e56cceba37ee

SHA512
9f92aada3825b278f50b0143735783d5de252b80a30a6bfabd3604e68492f23b8a235ef5fabf400a745bec6991189e811100a40f9aea13a9e3837a3c7093add9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\77553c2a47f1a2d4_0

Filesize
3KB

MD5
c288e4ea0b5be0526cf183c75843cfcb

SHA1
1dbc8cc17a937b7092fa9f29a2691864b1e21b57

SHA256
85625728a928aad6445674c7c6e1c8114a3a45ade7c5a1ddb28a05bbed0048cf

SHA512
23771a27416a2c41cb21e3423913961396a52a4108e0e72e9c15edf840f76e4eaa457166f4692742c8f912805110d29d5b923b5005550e57ae20f1254ca35503

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\827a381adfabe2a2_0

Filesize
1KB

MD5
c8350a98bed459a3017357fe6eb66e44

SHA1
e18ddb91de3545fbd141ecbaf60c43529f17deeb

SHA256
12e8a21f2c042b6915582786eb66858ee2ebad1080fea2ec035b8cd7a6f47933

SHA512
2d523c2b50f93774c588b09d363d9d392134ec650a372f9a13a34562118ef51376df8fcfad3a9a48031f56370afb77384e5e6f5eeca692709ca754f90699bf53

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8d08d19cd3e85b13_0

Filesize
16KB

MD5
30131ff94f39409891923581ca849095

SHA1
658555b711eb63157563b27deda21a7cde771de5

SHA256
e6f2fc8a6606caf39cea93cd3935bbac7810df757afcac7d7bd8ebd585959153

SHA512
d5387bcf51158f4116890b096d6122aa985e237c0ae0a0a2eebbd709ea1c93c50406142ef4c301e8fefcd18fc908b8a0f128be209173cb7a188a79523dd0a77e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bbfea718d84779c3_0

Filesize
14KB

MD5
61e56138d3e25e0f6ee4bdbdcb2c7c50

SHA1
8df6a8bf3b707cfcc257099d21fe7d4ff610bd7d

SHA256
e3deb894eb1a8c02b6cc2e15bc89bb6b85a2a560c545582adf81eb918aca30e3

SHA512
209171b4a4d3173f94914fd395daf5f05d2f9a5c68d01741c14183fb66ecbdcf966f96fb94b57e20d3058a4068454f7e4c124e9c85b15392fd5b385bf5f97a57

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cd9a47d844308cbb_0

Filesize
6KB

MD5
b28af0ecfab82bd88dff8faebd3810a1

SHA1
5d38d20032ad763441d4067ddd0c7091f2ef9d1f

SHA256
b7e72f7dbc3ef81dc8914a5f3462c7d35b57f70eca04ff03e523878bcf4bd6d8

SHA512
14a4fd5f0c49c94d909bbaa416c26de6f3b55eca7120c07bfb24919264bec55706968a2a556408cd77bf12ce326ad97722ccf9dbdce7b2c430775448cf35463c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\db66159bbbb57f22_0

Filesize
10KB

MD5
a5c29a76c2751a7586fd52e5e4d651fa

SHA1
169982801c77546d7787963e16e9f4f4b3984d85

SHA256
86f8de7a46c9b47966c03e35532b0ac82b934b5f9df84bc14d9a7e61d4802099

SHA512
a83e6329785bce86eae5f10f4b4b67f27b590983dd738adc610f7441a0078742013f391944b762002aa0e18113824259c00a8c28a6bfe9d5546f46269edfe853

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f4b95a1e43d59c66_0

Filesize
18KB

MD5
4ef6704a3ec56e3cd1204547509cba33

SHA1
b6b3728d73002adc72e46e2d5ec0a620d64b2956

SHA256
e32cfc1629c72a00567ea0bf6607774b95cf960914a291442c780faeb7dd2f81

SHA512
724a2349d8bfd81f2ad266cd741b76d06da34c859284918acbf21e6620204673531d2666361319cc327f69a2ac49a0c4bbddd1901310fd68fc29e62124ce8e70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
b40485d65c4faedaca16f184822b9957

SHA1
0f5701d810dc197314e7f9a6a21e71a9bf6f7c12

SHA256
7a3ae0563bac5c8df0a9c8608a16d4f889e8baa6983ba4ebd3204a3dbc86faba

SHA512
7df620fb9e58e7b24efc804cb748a1f8748c73f280e1ea7bc43de0f8e4564aea9575402abfdaa0732c0b32bc8695b76a6e8389f5e918b6b191ab2f39581e6659

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
fa435e0f1ed2b6d4d4ec891056384145

SHA1
93984e0caae0ca585545791d9a66e14a53de9cda

SHA256
78cc20957d7b64a183d4e7e07fc43dd75c2279f02d1dd13ae7956dd2e4134778

SHA512
e5b609e5ef551732861e57abf982dbcbe5789a0aaa7bc7c9024da06570594dd41533560e8c75a6d071122ebbd8a804f7eddcea92b8597358a4139b8256bbd3ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
16ecb07b4c748322857cc3f299a8717b

SHA1
d2fc8e6c417eea17aaf176b54d290bad7c3c1eaf

SHA256
f914ec4208807eab1689f17fc5de92e2ea9d1b92e20e72c8baf6b6a459518336

SHA512
15cbd56bbe80c40d09de65f6dc0ac7728ef07c2109424d08a124b1c1b8c3b81d23ce333b97f2d48395b42368f24e660a3ba067f7515afdd9a9abbed26ffc5fab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
a8952716995c1e05787dd939ce95df3b

SHA1
a6c9f3fef00a545a17fb3a5b4c7a3148eafdc495

SHA256
9159164931c0d0195460218226f59529e2487d62ca73ce30cf08be7b63513b05

SHA512
26cd650bebb240e990152f78c1348653918b32cc06980fc146262829a718767451d0bcca69d8b2ad5e6cff4ada75ec801b667326e2c94b63af7e3b2b03c91582

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
df0fdc091168eb4121d5c2bbc2195961

SHA1
316de8d011a950e4d951fd755f98f6f86fe9669f

SHA256
c3e2de1a13c081c8deb1e972fe0b33a88b9baf6da957acfda92afca6c87ee955

SHA512
1448517e74bb883629fc90ce74ad6b3e5676dbf5305af3a4313bb4e184e56b6c0de94f7a86b9496d1420cd415a95625b24f69411c7c8630bb6cd4258d2c9581e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
9cdac7ba95e338269ccf56cef433f4ba

SHA1
21eeed3edac223c9dd537a232e274ad90747d9e9

SHA256
fbfd7ec175971e7fba20932de23400d930831180f0bbe0f2d14d1d9eecc9048e

SHA512
fde5e7be6ec5cc7ab759221de712c54190ed1a2e569e9661561a76e86e5fb8b283bcca25300c17acae02b46f7a49c68a3f7237fb70a19e7fd470054a2ae2946d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
0833f0c8423bd17d5ddc092c7b784e31

SHA1
1ac86ed224e4602f31b2abfe931d9e0a82e5340a

SHA256
3c9a4625e271670116ae1cb41243c8020ec1d4bd86302e15baeb71769e7280c9

SHA512
5a00ca2e3a31351467c665471768ffcf179247e704a5ac0a8ab63d5616f7c750c6aef9da05ec71425549809e2bb1bfcdc690e0aa73b5fa5a4b05f83b5562f069

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
2ce34cdc9265fd78740b32ee9fd81566

SHA1
f3722883488c8a91256cdffcf2ebbb2537b32b0b

SHA256
728cecd5baeb445381bd47d70d119d6fd75c748e21376e9851fe13a75415e61b

SHA512
27e3e071fff5885156b6a8aeb17004db0ef271145919a43bd0b1db58b825bd9b631f8098971aebfb5c22965d88fa3e0bd8247f7f4e5d38469e08e2cfef11614b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
ce09c38949f7cfea1618cc3264d05ac3

SHA1
ef0cf8d7189058a6bc07ef36e07a4a1d11e60f7b

SHA256
39c240a2c62841413e8b3b759affc9dd3000ae7a98e7ed52fdf67fa2673e0441

SHA512
f001ea5773b9ec664878dd1809c5c56ee291e68eeedb697eaecaf6298cc98ded37f31140e7ff395476dde240be12a6b86fc888207c35e1cedfeaef66c8daf774

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

Filesize
28KB

MD5
9188ce0d4512a8701ce6e3fe329e5221

SHA1
4e8af45ef9564f0fa086740ce05ccf6fff319a27

SHA256
68be539c7d8e2996d131b678059ad572e788e16df8621166839b57a6ff70bbd6

SHA512
e554374e8129f9ea7d1804b70f7fda84ae166eae8e7efb96f9084f38b5d128aac25570607a86ffbc95b6c6503d905f48c14dcc8f884e5c0cd887c879cf90661c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
a32f193892fcc8c576d0c656fc6562ba

SHA1
96bf91228dc6405af8fb215489057abd74affb8a

SHA256
f952737d20e586cba30a6f2570e00dd956551227b648c040cf4f2ec70cd7235e

SHA512
5ef14d31fbbf79b9001739ff8c0e1b8770caf38c122543aaadc04badb969f407405f3418641b4c739bad3863b112c599effa3677b55fc1936ae24eb7dbe0d00f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
116KB

MD5
07ae9073b5dcdc1de0e0e2b3665c85e6

SHA1
dd8b19d8bddab33383295807ed4676036e47fe56

SHA256
6d34ecf65b86fee1b4fb1b123753bf84e20053014d09c099e9a3fee60e1d3219

SHA512
2641a1763ee909b3592a84800cd082f5e2f49c15cd3d2b535ea12e49d9d0c3976db52707487c725e4ed66e5e31b5e40edde98d68e4740b5716898413d7dba573

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

Filesize
5KB

MD5
a40caca8b9dd5a80cce8702cf3bc4886

SHA1
af89a24847114fd79093804769779a3b46ba9df9

SHA256
8c4ad33910871e685f276cf1f059c137149339b8cf384d68778e732f02020c46

SHA512
351f4265407e6a326f404ab541eb37cdd1308def300eacb3166d45d635ba2b08374f9dc3bcd619e6df3f9b2ed9a3bb66010cb0a82ad7505fe338798356557aeb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\JumpListIconsRecentClosed\c7565feb-44ef-4f0b-94d4-90e458a78cc9.tmp

Filesize
25KB

MD5
a36e9e4606a1a5ee16ea8104cf1a5c7b

SHA1
e9fdbd0d5e058441e42da0a9443c10b08b4501a1

SHA256
226522107a0e534d988a5cdff6b410f66d4f26b03ce28ea915041920f7f4047b

SHA512
12ed66f9f12dcbac9bdfa98c5ec58ee6d6abe8327cde11fdde47e838ad0dfc21ae37f48d0bea85d6aa126553e560e2de0433151f6a5d2dd3223850423f931ce7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

Filesize
12KB

MD5
f95deda68b28b963e90cf806223435dd

SHA1
cddd83acf03df0ed0dd9b2a608e944fe46765edd

SHA256
32e6f4e265e5c85b84ee80d24968e4aa9a48593525cbe97f7d898d233d867f88

SHA512
b2028e388e233cd84106cabe23a4a7d1bb33321070b801e3c98e224a23ea7bb29c03ef235746858eb4d55be303720083ffb04f0d6bbc92f5f772cb7d02239798

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
331B

MD5
32241b9b9d2b470249dcaa63e2da8bb7

SHA1
5746bda2d022c1cc27c1e734ef48f6dcc3e8b77c

SHA256
a8d0e05727ccf20e6c6d49d58042c1f20c7e210e0536ab7c6219b4a275f83296

SHA512
578f078fdb0ff91b0c4df1ad13796ec5263e0cec18b7a401d23e85e68ae6460301436507369a5857496d20aaade7edb19b85161e9d28780ebbdeba08755cfdab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
d8a6d6800c1bf444e59de15bc3560b7d

SHA1
b9a2c700ab6dfc732fb46de633edce48060f6bc8

SHA256
9172fa67fbeb323a12fb8d7eb324f94b4a0f953dea6c2149295841d0721f98d8

SHA512
69f1b6b7e97c90d369da2e107a7e0f8a7858dc55994b089a3f94f9dd4c2a9a80a0c864f7cce89e9de1326bb41de875d2b442843261c1fa0cf78212f5f2abddff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
35f5b8b69e2be2ceba400433a851d722

SHA1
fe43ebecc85a026af0513cb87cbb0abb92d2b6cd

SHA256
ceb3839b3a1438374b5923595149ce51ee6ae308b12b34ee84345101ab1c8926

SHA512
4aeb77205254aa5b90d4fe8657c80721105777075636c1da7bdc61ab8efc8a8cd78b4b10a18dcc6fd0a9d90b89fd9d2a7f922f47f101dc82179905fa88a7aab2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
ba472821667abc8c9d58b27f0ef14bfa

SHA1
9211cef1f3460e076db517742effc2dcf2b3dd0d

SHA256
be5eaf093fa482630aeaf242e793fb46bcccbcf96a5b5277b38a9315bf68848e

SHA512
c96a4db4b19fd4012c9f232cdcffdd4eaae0b5cb1156051df97ae0bf147b0c5f73e196682d3edf3e9444ed3ecd879dae1d94d0f979a6dd1e433b1142fdbac77c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
07c5eccb6ec3080340559beaae6c043e

SHA1
a07b6c0acc7111e505cda051d911fdbe0f144a5c

SHA256
7ad533febdbd0327851294fecf00477779a6a1ad88204f68db6e56bd9206ef2f

SHA512
8e2ef9252d8734a77e66411941500754385995b3971f9dc8eeaa66f03bb817ec5b4f9682a300548869c79941f2ff7686799354bff17561617b43026f66a1a779

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
04419b6a2af0d51972998ac95c7d8a7f

SHA1
1a0269518ef370ca469ca814532d036bda90c90e

SHA256
d31379c0157d10b8e72c34b9e2220178180259c767eb81110da45597abfe636c

SHA512
c9a68aaeb3c51fb7c58e2b9208a3b93918c3fe5892dfcf99a93cadcf72fdb97a94586f6bd89f986d7ff442fd6ec82e0889a9f05ecaa191b149cc3078082284f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
6KB

MD5
6fd92838c0e47d4c18f9aa9082d8f661

SHA1
157ffaed1eb447812c41c1798f6d850d759e3f0b

SHA256
17a2cc5fe7e516ce40a9d93bbb70f0f8beb6e8dff6abe367119ef39db3bb32ca

SHA512
b172494362c95e508029d581b1df3eb0b8a522a1f845124564e1a55e1b1fcdd95f7130c17751e64b3a0880de90ab50e6658596ec6d3063e0623c9cc1f8d258b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
74163fbb4ed1e59aa31c0697515f64fa

SHA1
03896a4fe86ab97f2fdf03b38af03ddbe9ee8f6c

SHA256
45c50dffadd85b527c349793fbf7fba87c31a25b131fd3710d85d78ff71a1dd6

SHA512
ad1bf173c46527239ba1ac5acc00ffa49f3cc3fcf784d7fbe026e0a7d9715f06227a886c791dd6982ae811c51da99adb7ac9c915fd53c57734d3de005f5e4288

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f616f9645f931c76359031b8f7f6767d

SHA1
587bd557327bc3b23d4be86dd8fde285145d61f5

SHA256
ed57caac9f0d04dffedcbaaf1d47ec5e16994360d30dc310a43e73a7f3556b38

SHA512
b7f54de011c75f32a70d39934112d7b40b958f6496228c6ee9c4141e06de81719deb0f9d07190d91a1e932783d1eb5c4450c58332dcaf1a040e3c752e44a0cd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
27319630cf5e6c05305b94a7444ab0a8

SHA1
fce1cf7fa4e8181e9ff729a79de56c709fcd6a1e

SHA256
2cb1ea88f3bbbfb75719b4c642045ddf9b2775307f25a6dd356f8db128c4a816

SHA512
f7bde8693555e671bd46351384dcdcdcdea67196e0a32c81f61211ef47162e3b9559a8a7459760988475cd6e6aff0174d77e7669b40a208a86358d8a4ef3b8ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
842903db5c4c840b010bab557c2d51c8

SHA1
d5c6ecb37747fea893152ab54d7408bd716ea31a

SHA256
edb51529e104c4b46ad1e5920638b40eda2fd100974e73d9064cfec624423a04

SHA512
96c79e3eb8b5065c684fd8ee9db401be7468abcb972981d7ce2316dd269504449e7bcb1b38c8ddd7060c9526525f66aa5808ba5dd3dbbe65c6ac8a30ed06be93

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
12be9364d16416dc2c686036e1c393f2

SHA1
abca9c17d8870f3ddbbd1675bc97daf646705ff8

SHA256
bb8a084d2b3901c636411363cd4890bb0772fcac3d10f4ab21e49e533db4db2c

SHA512
5ec9dccf93552ef6092b43590e24abb483069e346c8303a356436c46be14f830e0bf99edc30f5091f3e75cb25fa0f5e103a951f2251c2386f73bf35093fe1363

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
9f507286bd466f7cd6b9351907019445

SHA1
97e1a55d59d7fbc261b58bcdb0f5c54d1711a89e

SHA256
15fb038fe73f6b5ec13d297f399cd3a378762eece4903414134dd649fbaf805b

SHA512
b8316bf70c0733a493e243d61e36f13d97c6fd632030fc843789b33247bad18113ad0b50aef534f2fb3804d73b88532371529b8c81313b2623c849ec153d461c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8347721d949c58615ce075cfd87ce70c

SHA1
f26cffcd0277053499e7624e348316d58ae1aa3f

SHA256
a993d6945963693f4c9dff729b88d305693deaa97172489d05350b692c011a51

SHA512
3a92d6d9a3daccfd7c270b039495808db86c7004b4c39d3ef30196c6a83f5678f618b8dfd282d1a1ca1c328ba620c4014e60a291ef16631a853315b65b5264ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
01d3be67795e647c775d6d5ceeb27dcc

SHA1
5f12e9d62e2ccfd7d5be0ca35adf19e859321402

SHA256
4dc191d0d42a9889295890010bdfd541f5eeaf3a9ed3c5010655896a07dcdcef

SHA512
0123907be4dabfb8b20b3580afae577c84ccb30771504d9a96d7296731269c7f7414c07793991978e5877384ffaa3fc319e422adbe9ba26e2b9b2a10deec7db7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
a9171db25cdc2212c15bc12e2aeab3c9

SHA1
331bfbc4b6c97b3c2e9389004e747640c477ee18

SHA256
c882e103b17fc8ae356b8212a2739d81235c47877d036cec0c76fb58b839ca6f

SHA512
452e6f47e41ff067215ef7e214a681b08f382e9ee391859e9443939ec838cdecfa46c8b4611d8d9d32b4b5332bbba6c998645a9cee6a2f9316ac46fcb6a77f7b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
a0db4878c4db45259852086cb674edc4

SHA1
fef0475842cf1f9f4e31816da0e5cc2a6bcbe929

SHA256
cbc3b027f6a1137dbc981360a0d335efa20e60f582eea535d3579907eaaa57a4

SHA512
65df786dd1ff0d3550126fe1dee09263c6d0c2c425f78ca0f00a081e3a7e9da318278a4db47a0bf5bd36e60583aef85b8c3839e7cdd83bbdc468b8708bcfe107

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
37f27346560cee64ea729621d01e259c

SHA1
ca32b9ab419307da79b835ac2a79a208547ca5c4

SHA256
f8b5b39ba82635fd42cefcc8449cdad852782010b0a2c9699cdd31b8cedff5f3

SHA512
4f2e55a4934db5fe6a6bdd2fb5a8d7cb933dd2a5e8b7c1894b939a1b2def5167782336a4bb34f271ac704b932fdbb95a8d7e20b22cf975ca79279f03a2e690c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
904900952f32aec1c71bd73b58459a55

SHA1
3198dfa9dc18db6a6aacb6354dfc0e9f6302050b

SHA256
7a2263090e41b067beb2ad8cc91e3d0dc834d170d69337eb88730e65457b7ad5

SHA512
2a7d082014884c890ef4849553b527a975d0094f88e818763ff24b4ab4df238aef631f03c1ce17f0cc8c91cbd8a901c70f77e34d148a9db2858a57de8cc9ea58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
0524026efab6cebb15240351775c35e8

SHA1
4406a4b5ce2bb6eb4ad05628603b280bdcfac9e0

SHA256
cebf86d5a765327ace50f2c70ff9739a4368d13f4f1029665e7af82ca7b54cb3

SHA512
1b70da2a5360fc6447b9809c02bf8865a7a6cacb6b2037d3439695f9a5552d364ed49b3a3c315c336c1718405805e534b72cd8f11942eebb4ad1dc0831916ce4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
06cf60cc097fb04896239a85c0047078

SHA1
bca9c6529e81e754ccb549b127ab53315f284381

SHA256
848c438da2aa6270bcb102505365692b60a6d36a6c00cc205d2b2e327c04a67e

SHA512
d389f2ffcb14ab616c60fbc5958b7862a3dabe441cb2fa0f6d7a811b07028b9c0f824455295e3cb837be9d9787f3cb01eaa485d8e66ad0cbd682af93b3cd135e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
150215702486a07fe24d23badcf53d4e

SHA1
e2d0c35f171d8fd93c0347ef97af795d3fc0b881

SHA256
87cf0bb1526981ae1641dd2b3e4bcf94d300477b77a30bd8669326db978aa71c

SHA512
4773f386a8089dd04d06173e6ab9651f4a1b65ab1dac19a5ff07630b1f1e2b7acd8b44fd3129e9dedb142f85ccd875977ca4bf30abf89a93cf46c2ef777616c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
cb0a875ffe1e72b8be02eb0afba5ad52

SHA1
5e9a0d5b82e485ce3d3e6d145020c2c7764a3903

SHA256
a347aa9bc25339cc5d41aa74581771b84b24bee5c1233cf8f64d34eded9baed3

SHA512
f79681ece2723632bbb208a649567ddcd5d537a59e674385b5afe3c299ac2679265ae1ae7dae73bedc2b0efd43f271bdaee47f117f292cd5ffc6bc2268c75a7b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
95cff32813be6313734ac158dd7934a1

SHA1
a0ce7b5462f89afa7d2a6afe095c818888a46b2d

SHA256
9534d0b0a7e2314cae2c61cff72988743007d0f1eb3d720e3aed28cf5bebbbc9

SHA512
cc3ed3f79d1bfe97b31b4bbefe75f0e2b37b55bfe446d057884548cc3e7a5c744872ef5bcd427e98fc01b1560335da7778e011ea601b45cf0a2c5e7f81f62129

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
29e0c8e8c1d493e329d97af8431c1c20

SHA1
ab8de4c4643e19d2e4befd62bd40727e9d28b5ee

SHA256
6216e4b8bf5d6dfa92d623d5b61b21085360847e63ab5d6a5671a0ffb0aba0a2

SHA512
cb4b4f99332d682499bed9ee8f6f3ce47f21c69390dfb3f6ae0df2137487eaffc721260c3e0f3f9aa9798420252b141282b8adb33d367878df82d244c7cbece7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
54860226f2226e03dc660405362bd863

SHA1
40ec33ef494334c52227a90f4ea7450cffbea44c

SHA256
04e72431398170f8cdd7921eb30738c532f4a41cd273ef063172380f15476f8d

SHA512
9d526f9e5c8bc5cf99ff15fe45e50530eacfa163e2b4f45b4ebcc23580c8a2f2576acc7973f7015d98a0e5e6d46edaee1463278a63539059c04314dc2c7655af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
32de7e49b1a388cb47b285ab70ee7d4d

SHA1
7605d8cb297135ab76664be86af0b25222aa66b1

SHA256
ebca6e9731654b7ac36ca9a86550e497e4ad4426bc7da302d4e7d98d9ed10f31

SHA512
45e1c3fc7962122df26e9798cdfddbbd97d4c3ceea214575612a334a68d3b19692a5490e1985c6462b35a21f78fea9aae5cc56cdcd05d54d42d79c02e3bf5a59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2ac11118ee8d2578d0015c0fb1bf87f0

SHA1
e444f91bbc35942c06ccf24be67db28c8b0ac566

SHA256
ffad90749410f31a375788d27fab2fe22848081bb020e98d67d4a5db82dc58cb

SHA512
b8c625e2903b54c3b8cc80ad7c7d89c13a27098f3659b9f0f40b8e4641c3d989c0a6bbb7f024edf02a40cd24051f1848d676406ef63c2e5b45f13cfd545f7c3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6dab109a0c298b011137cbe549d4c6c4

SHA1
93d20eac38a1de7e6a61f2ee81912de5c9ec9f4f

SHA256
f72304478c52316faee8e93be541d842bbf26c7090c0a731396b9272fcfc19d0

SHA512
9e50cf9eb09a3b2cba6b0fede79f2d00762d2cd8a73fa4a2a38335aa049f87020aacdd25dfa51ccbd84220f9e859daef0a7919d6bac409d1c5bdf6daa02f4160

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
dc34cf0706fa6b20facf8738ffc0ed9e

SHA1
a1ea72775a5b09a0fc5b1ac892a6075a418021c9

SHA256
4c09cba555d56523f2ff94c632b5d4e180f8f398f330287ab082304baccfd284

SHA512
f2dd9033c70f5773323940ee45f3523124e909827a2c27ec8c8482456907cefb9ff56799cccdffef94e5bc592d7098b8f9a7682f7cf79420f93d589e0256a2af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c9453c244e0586002b7d3db5261f65c7

SHA1
6db8e4df5f64aabf9bc3f6bddc1c0d184d17ee87

SHA256
c64879cf215952b0b73c9dae39c28ebc701dcc5389430917b410d568f7b139cf

SHA512
410b733a0ba1114f467edab7243422fcaafe151fde528e316600252477bfebaf034136781e382ce451b624da6120f94270481d1c2b59255612e994a1a7c6871c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c4cbb900-91ce-483d-9e39-72c0792aa323\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c4cbb900-91ce-483d-9e39-72c0792aa323\index-dir\the-real-index

Filesize
2KB

MD5
846ff104d42c9590bc5359ce1c189b4a

SHA1
2fd1010018cec310679f15cb18064aacefe2dd6a

SHA256
7fa4c3c76a482133a12be0e7f2519b8e0a7b88bb6b568481768a6ee401dc0d36

SHA512
db79a8354e4737ea7fcdcc3b5ed1733115521611ddcf4202482cb849726bc9d07a82d343f10605604488d65cb1df92bf6ee43749fad347509c411eea33ec0499

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c4cbb900-91ce-483d-9e39-72c0792aa323\index-dir\the-real-index

Filesize
2KB

MD5
eafe998b14cf6eef65a7af0fabe21118

SHA1
787653edf3b268b99eef22e43862c1a8358219a8

SHA256
ac192fb63e1dd2a1671d35affceb7f91df0d768f1bda2c3dd28c41663ef3e71f

SHA512
43b9e9494f70ccbf638730df0aa5a30e1db2d5cf7af9974a7c58497d52fe8a29fd6bf2d437024e7b23555eab9df6e399e71fde970c71e79e2eeeac03c373a84b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c4cbb900-91ce-483d-9e39-72c0792aa323\index-dir\the-real-index~RFe65cf90.TMP

Filesize
48B

MD5
d6a9dec74c5080974cef6e2027858753

SHA1
7021089c024999c62736f309009a43c1838be19b

SHA256
0781c1f5a423d29de5107471e7f11de7903fed77bb79c7855e72839d77c6eed9

SHA512
daa735044883eba895bb583f92bbf6354a0a1d292f54e1095c1422689026794079ab534d1f807ecd60f88232fc23b7d50d058c55e6e13466d4fd3e3694130a18

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\d63065c8-8224-4ee6-8889-fc6930a5abed\index-dir\the-real-index

Filesize
624B

MD5
811cbfa1c274ab8979fa9d6e26bb1124

SHA1
c05b58c659268b8b01864ff60542b6b1b944542e

SHA256
8e05c93be8c6002c7f9742e86f55d16a82a410189c6613090578ddc2f4f59b06

SHA512
2fef96d2830416d31e2661817dddee722cb295c405ef47db48fa75768becb1525f65944c86302c6a50016db1ad2afb44bfdf95dcca35df9ac31d27e275199922

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\d63065c8-8224-4ee6-8889-fc6930a5abed\index-dir\the-real-index~RFe66284f.TMP

Filesize
48B

MD5
1c6f4dc76529044799160943cf42f68b

SHA1
b57f58f3f183cfc5098c3fcb2c8a9e643c9ec9e9

SHA256
3e22e55c1cfd0040888eb8f69bb2f7a8601f0f90d44588044b9908680380b925

SHA512
949201cb0d04ab7ec4e159b656cfef256f6758d3f24db1c8effb37c5d3ba78844d927dd0635f748f46f4e87f6d32d44c113291f84d6a1ffdd5cfe90c87f169a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
146B

MD5
997cc5d74995127a6952107c6b256151

SHA1
f6f904bf681e62eab2fef92ad928fa30f698c82b

SHA256
32e3a8248b8a3fa61dcb82576d0cee261cc2308985085eb821c9171c889740e6

SHA512
b197a277e074ccb6371e93cd935e5c0bf67ad3a6749d9e1a413b934fe7777ab99e92f67c8df933c58494d9a665c9a38b389e3a3818dd083be8d896af868e3f94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
148B

MD5
a4c9780b2bbcbc3189588b686962eecf

SHA1
120c4ea91b17c56748acc69cdb107595a0e9a8a9

SHA256
c83c4b202c7f6d0ec631fa8d690168c0d8342d9094c13454bd7d65194db6ae71

SHA512
53ba4503e76bb60d71776d311baee48b882b29387f11b2fccdd562c9e09517a4e5dad1d99e4ca72c7abf1d8be4ad18ea3898db1326a320c4c43aac8e0b0f32db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
157B

MD5
cc318c5264ccf1c56f8e16e998940503

SHA1
9777c8b2002f011a35b5e2d40928e5e96d3c7c73

SHA256
5c37e1b67be5aadd49c37f5b11e8d79ec5a96f413bbb9617c997741b23547419

SHA512
06e5577eaafc6df0372b6e2023bfce14efd899011b00f9b9bb81b6daa80d567b0cd14803117dcc6b1995ca293ba6d8f0fca6c741b8bcb4c1b9ad8f838100c84f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
82B

MD5
54faaf460b39f32b2715e21ecdabb044

SHA1
ff29729682167e3dddf8ae98f796b9a301778266

SHA256
b77c1dbdc05ea4b1a9845b5103fe31037fadecfc2b1cde842c800aefc20826b1

SHA512
720b15b95f05e09431da5a1c0b84eb7661d4ac94d3a9ee3c7c0d5c60115f29ba7bf00f13d2876f59ad7b30f2b6188980b404d98da6adbbfbdd8a320dd85da588

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
153B

MD5
b4923981a77cb4eea50784b02e75683a

SHA1
117f4695adb350c601eaadd695d62c0359bcc7f4

SHA256
db6f5474407cdd8444f14cf9d5fa49dbd1068c273330ad1a9d27e195fac508b9

SHA512
477198eef707525e2e65b126653b16e80c5d949bfe23db0d66f473752cfd30c19a4686922864b62094147fb8c8b1db6d97b7ce30388bb37f65c6cd1da5ab97e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
84B

MD5
10a6330c7ffd1df48dd776c6b818a2e5

SHA1
342e5ee6b1c4c74449ceab68841144966e67db73

SHA256
f4276ee2de8bd9e95b566b68a9afaf370ae6581eef3738c0a66eaeeb8b5d5016

SHA512
7ca9b18483bd32fc4aa931f91e4c49299dc760138b24b046e675d08a09954fd36b23c4915f667fc12e9e048d050dde3ce862bb72c66bfc5f1bf79725fe024f69

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
153B

MD5
12e44deb3127d3ebea99a04aba5a6d0b

SHA1
a23ad64b3aa04071dc0c60721270b2f8286cdf40

SHA256
1cdbb265acc6f1a94a35287b5876215dd030acbd29ef8d586b4afdc67f61c208

SHA512
49febd7bd7bd2f794b90f95906f7575e91f2ebebc99536696e8ba4491e6dde0117fd2e32e0a6302df551b9afab559619e44a637ca9ec6fe7e2908ba288a9c360

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe65c0cb.TMP

Filesize
89B

MD5
94940838285810b2b27a729d4ee3f2c1

SHA1
78e35627eb20d9db80f56d4806847d8252a6c47e

SHA256
ff393e0d8633cd07c0654d5bee1fe497a439b9749db03cd8dafd095458a95f2d

SHA512
788a897015a4f84f2a0e11880d4a7045fadf5611f32be304710a533a1d45387aa0ec3250e59eacc175a9ad1001c46c9dea4757a6bc2eb27ffcf51c0474f9a1cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\e5b7980a04e4805673a74179633ecd675ba6a857\a740a9a4-a55a-4980-a8de-a3f612e1e36a\index-dir\the-real-index

Filesize
96B

MD5
bfea31f05db8b80079b069fa9f69fd1f

SHA1
d9a387901e99001ac8358437fa0f65814bc87623

SHA256
a8501bba1e8fa42cf12652906f79264a48a1233051fde2fb1d642f9327c46cb8

SHA512
d7a445ae2f89e1502974bc41b4d46960e4b88acbda010fe0696641ee99d0407df0f75cfd2fa84e9f43141149c2c660f5eedce560be25ddbfd9ff8928252c2592

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\e5b7980a04e4805673a74179633ecd675ba6a857\a740a9a4-a55a-4980-a8de-a3f612e1e36a\index-dir\the-real-index~RFe5df290.TMP

Filesize
48B

MD5
8edf98e49bad7338be67bac9fd7174b9

SHA1
a9774cc539912e8d8e0c99f8293c294bfa99a384

SHA256
705f3b68a850e7a4c96cb4c7fbd02818d21ad14f46c7004292f16d145a9f241d

SHA512
bceecb316a34ba423b7bd619f967d97f83890ee1ebc1709d23396153b1299cd8ea69b4228e186ded20686d964ea017cf0df6fc398b0ae08d3084a0c4f56d3710

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\e5b7980a04e4805673a74179633ecd675ba6a857\index.txt

Filesize
103B

MD5
9e878b272649c777ceb6d3e2f1a516a1

SHA1
770b5e8fcfe7f802055d779e826b39bf646e9fef

SHA256
5c30bc5d9c3b26a9b89d33139a32195fb23ff6d309cd9ce3a1e3ba79e6f806e3

SHA512
c1fb00a6d69d6b842f815a79b7dcafbf4aec3592112c9873ccefc85468d5f41a43a9e097bfd70b4c26023f29c6f8dc2edd73cf4760fb6d241ce5b240a102e32f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\e5b7980a04e4805673a74179633ecd675ba6a857\index.txt

Filesize
98B

MD5
b9434f5699471d631cfd8d7d29b8872a

SHA1
6adc77955649c2c044f19a29a1f277dd7b25d829

SHA256
a4243458018d90f0047d1c9f96efc7e053ae4c0f3420177af63c97ae7fb075dc

SHA512
744025c8a72e9cb1fea0aadd15d312b4d0c5fe97e23bcd03201bdf1720ef4d338c249d6a129e5aae25bdc5c89c30b96d822664ac45ded2877f277a34875949d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

Filesize
79KB

MD5
e0b75cad0affedc3459becd112110204

SHA1
db438793404f0013eee74873eebf42a03176c94f

SHA256
04b3c72de53a66ac2b28dece06fb716a7f9e2db1221cf1fc0174fc25a15e46f0

SHA512
6f39a0d3ff2f99faca3f5f146e62637da43f36cf3252ef682d5720a65c079ec2f3ff08663e14322c550a6880f551825c68075afa5e004aab6ecf165e215370f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
6b52b4caea5b3cdaac64c7a0b2e44863

SHA1
3979a338ca78382f655959e14808c3ad761c30c4

SHA256
50439b9728835c77427ee3d5fb54791461e0ed7c7630422a4d2c57f28aeb8a3f

SHA512
19e2c2a81b3101462b3a9a37e7070de11fa303a347bb17ea2a2576f8fc33d1de82b860ca6119f3e263ca842580bdc1d4858f038124348f341e88bb3e4ea04f13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
da6c49b86e74f7e77d32c340ba8cd540

SHA1
72af5fc7628275b57a3156acb77c2792c1399c5f

SHA256
fd6ea1917e07fdcf5f43ff851479cc6fd13bc56759f6a1967beac2a4021802c8

SHA512
36b3b352390b89c5f32ae51c60bf4527eddbc10f5b355358c6a4a6c241ba86ab71d77c673465c7be1f0f09bd7a11e8fbbe5c1cd9310a6759d369368b67853a1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5df223.TMP

Filesize
48B

MD5
a271e2be35030fca820ac966902cfa66

SHA1
d3d913c2701ff252f7de1fd0342d3ca501d27a80

SHA256
0ca6fae8f91ca34ccf0f124471d441d5db528efd07660b7a04d4e971a10a5282

SHA512
d26f72f1ffcf4db775840e40546e015f792d7dd21457858ef18734ca7a66a1484c6d18730639e45a7d4f0405ff6f85cea6c1646a2a4be10719a32768795f1175

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

Filesize
477B

MD5
1b3366440834875d0b49a0abc21e1341

SHA1
80df5fc6e22b629651ac97801f1e8534ca74a370

SHA256
94a457d6ae048eaa08a4b5c5d79e52b5a6b05b46d5abb3dbb2cd56d073e8eab3

SHA512
927d82d730976304aca3e472fcfb3e61065efbfd14e9e1ad3256cf63dc3a31ee96517496bbe0f53130089671bd1bb9c1da883ff4bcfcd3bdf51998f492f14ef3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13379081600374660

Filesize
23KB

MD5
0715d68ea79817ac8d04d31da5d7774a

SHA1
49c6c7217db55f76235ca0d9d0a79cc8ecaec423

SHA256
8355995a8a9fd330dc9f6d8147a1c77cd7c4aacb1077eaad4b3d60328d81dbd8

SHA512
314fef1724453fed1b5ec55fd30d7750a769efb8dd99ed2fdd45d58d249e4f7bbd595d7d00c7c0b2e8a9e517763ee803637d600f2f6ac64d40a7b3de49d4895c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

Filesize
184B

MD5
cdd617ab9ee12c6188638d357100e353

SHA1
a4f02fc906ea148d64e2ffe8f74e59bc7997ce0a

SHA256
44f6a6d3d6a3a4d95f43f1ca2ed5bc7bdff1069bb622831f5a9f4b9c2751df4c

SHA512
f8df1c69ae7cffb56bc421d6317f00ed33a88ad92966bc8da6f7c1f17595ebc562f989f4fa720297a7ecb0e745f829efda652686d3e93c3102bb2b4d1bf7c910

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
d789a53bcccb334a79dc371ec787b8b0

SHA1
98daed83e9778319d7bebbbd8c7a9417b3815ac6

SHA256
af45b9dc7dd4b150feca62fb64db9429abe778f035be326c71e08ec2cf92e4dc

SHA512
af006423db6274f8d8654240dbbb230122d1bbfc64f6ce5d08c26aed2d4251aca9a8a1adc2637cea90a4e49dc5e2bf440848fafc2f031fcb38d27a7e703e1299

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
323B

MD5
ad23a0c1afd9f83910a509162d876e8b

SHA1
1ae433d2558a20172e8aa8cf7c87056f083ee69e

SHA256
d95dd1617db9f2c06effca296ace6f8717da3257e49926380fbfa03962585686

SHA512
1989b467752b245b3bcdcab89ea99b388b3f88876b43530967841974196c2a43edb206216a62b6db5c87aac9369e7a633403d998ff84442fc06fdb5ea448aa68

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
59826087d42b8d81df698808e92ec8f0

SHA1
d47f27f1d115e8c459ee0c3bc5a64b6c1a260e59

SHA256
48363c12ace296d8433d7c678eb83067d64a28cb5389a0d9f743a58beb1e5042

SHA512
4cff5348fdeb77d71302a105f75ca7f298e3ada4d844f9358af7470539be986874e385242a54af22b3b663bbc8e888585457595e43f2ce6169b838401dd1e6c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
a2c41ca6fafca65a2aa5ae918f921907

SHA1
f5b503c4c9a6b3c1c7b2ec0a1f0edc5163ff8eaf

SHA256
111117e225e3e4d9e7564cf6b4f605edcbe9d8d8c8b179b1e7f00344c565880a

SHA512
7f6e29d1a4d00b4d2c03e0fb68792b87ddb8f161e8d543a644983b414b076ab9856cc6887238e3ed6bbc36948d92134918abbb33b463523849dfeec4fdb15408

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
77773bc6488def5bdc4f2e38032fabac

SHA1
bf0196af55ebeb2ae29ec370e0f4c8aefec23b56

SHA256
1b62612b415aa286b191b853a82eeb1abb585d05f22d053fb14fc0d3a4d0fd3e

SHA512
0357298372c128d537b7c8d1c702dad5b9c98e0368beb6f7a9b23fdbc4b2e13d41741f8ccfde51421ec07580186b9a6428941eb6c5a07e16c293b202d6193e99

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
e0d643a2a9c46f26ca0de9a2ce945149

SHA1
2963968ee30f471c96235dee7c183f9488353706

SHA256
fb0954071d2c43524848b133794c6d02cfb44c2f10dda641a0af8115b5164152

SHA512
4d0f8952b35b3de39e5bc3ab69f6d288855f142707896dad51f0b97c49cc197af6566454cc03a5dac085d63a9419c21f1050c4480d186af551ee901813c9f814

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
2c3e18a1e7ee536b438ab46aec7f4f40

SHA1
da633b36f0777867a0099370b0e1ddfc157cdf4f

SHA256
4f8f46116de886707cce950b47fc073deb64ffcbf472c90436a123f836a8ee78

SHA512
91702d2d7231b2bcce38f9789240c73491fc12c737cb14727580f3822f75afaa1031cb11c97c018319df7c331bb59d875cba2efceaa9670d6fa81614f06ef3d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
8126b73b43b24e57f818563fb986e2a9

SHA1
4c14d3e7a8f95c74899172d8f837c9d8517e44af

SHA256
570d71724cd8785a80c8e742752e6c8effff350b50775a0c62ec743b3f5e27b7

SHA512
c0114b96c6f100fde48268de4392c65972a4159cc79dca2077b6388080afc51f5f2d1f992e2abc795ab24ceaf59730d8986966705220c17fc20af1931fd1dbc3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
4d2e9dbbb67ddcc93b935b38b44added

SHA1
90c76d67a085f68c0004ad948ae70b4705024f8a

SHA256
c0f033f70b1de8d933de1e54d5e0bb6cd91cb3eb7a7ebb98e00aa34f39e6408f

SHA512
760a62ca1b72fdaf586c31ee5a8fdb1405fec40515857df55a953fe96628128b5361306a5ba01dab317a83e4079b2b04f1b7f99191c44cbed5cf6184ad81dd20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
d7cba6b9a1835be4d5de1ff46ee044df

SHA1
a9b561e7d7a6277d6d3938cd529cb006ea84e2ac

SHA256
9aa90f10892be601de52deecb8ae9f8b5eac571ffb158c80d73c81d2c5098e14

SHA512
9003b56efba7480ceecaa839d31731f96accea0ce27c3f411820027cdabdb4149daf46e700e6d87924d095ccdbf33a52e752c4a869fe226f969cf4f3541f76ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
1ec3f5126123f87dccff273c2c02e83f

SHA1
50a6ec086031d8d80505389455b0df1dcfc120d1

SHA256
48c867850d5dcad98624bd8e3b96dd59ce92708d1810ad2e1255868666583be6

SHA512
79a87de81df5fa72f9608061e29905ba9238a349bcd5e1a1d23515f74c490c25ec02b76f13c7dabc5ba295b040197d4a7766b2cc2c787a94228600922aba3e5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
d6b92ad661ee1c0e23447cc3b738c834

SHA1
1a86aac07dd7ff4427272539a80b4907437d6569

SHA256
9953db4bca743770bd1376d890a07c8bbd50dda740728af7ffac0906d630e704

SHA512
5a1a4c7461dc5ba4c1c7a7711e25a227bc4d94659e8f948edd3b8eee9209d55a4e97cce3513e0330cb6f369ff097f7e7e8c3d3fbc1132aadb21afeab3f06a2e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
7e8346960a7df80789cfb68bfbcc04b4

SHA1
19dbbd0a2f55b24f12a9f6ab04393d5b7cd7e81a

SHA256
bebf0142a2c8b7cdc033ee814aa3233a2fada29bbf1cd6f47a0c5600f8ff03c7

SHA512
70d6ef36601799b54b800a5a46832263c833524a3a585a4439d6d02803d8f7c93d82f441542636d239a2e25466bf2513f1fbcfd6fbc454d03fb197c961aa6de9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
f721d9a2c4dce92d72310cbc126cc68e

SHA1
4cb2fca58cb5a140b39795fb006bd05cf5765a0c

SHA256
efc6edc41f2a679cde2f7991616be80731acc650981539b6340fa8fcb3f069e5

SHA512
91df6af2ed0bd3d0cb2092a590ce115ff0f9328f083a3c26e0c137461b5f8ad3db9401ef193eabe83a59941d63b283f16e1cfe94e3c65246e9b9c7a54b28d74f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
717f4fea1748a81913aebc6ecf1de3ea

SHA1
4992a6440e6f074cbf124968bbf464c0db3e39ab

SHA256
10cdf80425c5e15f7b28943acfe19acbad4376e4dca7bdbeb8ac1674947bba49

SHA512
9da20aa541978393f16bda11c292a83e549d37033f5d0e8d88dce61bd00413d8429a5ef9356c25bdec236b8c6e19a14b32da61c72add757123452756905ddb88

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
5ad3d4151eb47b26129a3039398f19e6

SHA1
2e69c4417667763d8de3d7e6e9d0d3d881ef6224

SHA256
00cc4748aa71d6e5d53325a455da8f5fe1658f00171e1baba689bb6b4aafc9c0

SHA512
634107e1b05d35c546b597f7c03ec1a8fc8478c9c2c0213fe82ac86dbecf85734c01f01a9ab4b09145fcc6597745a65952bda67a1c2d9d3b5610f297af654ea2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
721b176a5842a335defe642969bc4b3b

SHA1
37886e16ae53664b89a872eade8a92b8e99558a1

SHA256
628d9ecfce0cffb4c7e2dc9659748468e883db5e1bea769dd0ebdcf969d38ac6

SHA512
a8b3ef25e7e7f63f17406af7665fb446cd70b7edacd2a1882152e823f5b96754e6470328e325dd9d56389db0446981eeb15b7deb62c435340a739c07e8533303

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
064169d12ea1994fed87569fd911ff9c

SHA1
482b7172200a36035bbe718211f2a96b89689a26

SHA256
a184921e091c31b047b996b6025e4b04f6e7f6420a517c7b9d0f4bb719802e75

SHA512
09e0fe5e0e7c9cbba7e11f7b8822072b5e0a5e79f012b387370cba916cb472ccf960851d042090bf9a956d2d0877876e246957bde418e23c77af175706ab4b25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
f86044bc6da16aca96283ee8a09d903a

SHA1
0c75698d045de32b30b504a74cb0baf268656377

SHA256
8a8e222bf44a9004d8e7c69a408867b7a279224019ce497a3b03f223d50672a6

SHA512
0aa4bb8523daba77dc280d32d6dbaf1d6af10f2fb90f74942c9523663fc08c7b6572ad7830221cd3ab10bbc005ddeede75f0649ee9dcdaed8f0df6b476982243

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
04257603ac634a17d11f79f8a8a4568a

SHA1
7d62c3eb1cb595534c87b53be04bd7eb3b79ea82

SHA256
80aead72f9866f85f228adda3e8d3b4019c51441cdf496178684e219bd94d83f

SHA512
b80d40542d25ce926b94f7fccba7566da2b670035801e0ff211ea91b5ac51d34ae9e6719a9e7c160e9f737de10a3d0e3c920a13d1909a9a61c20c4cf2ede2dba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
aa93d102c9125c7d777c391ecb24f73b

SHA1
961bc227345c30400d6e530a660219db2d9e5e14

SHA256
05e998695822df70838bea56dc15c9b4dfc458fbf666af2c0b5a68216b80c565

SHA512
083c74281575dc90487a2c79f962a2983ec0dd978e4bc647944c39a3547b3c75060eb0b08263067867a633b88622293d5a73d55f54d4aecd622864e275119a91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
d2ad6517b58a60d906942591f0f8b19b

SHA1
a7e7cc933e19cc083add160d48d371af728834c6

SHA256
7de32191ff76c72c1a655b0c9cfd7f3188390570e1a55461e9e6fb7e766eee0f

SHA512
bdabc5b565456e915e081a701eae1578a34f670cfc7ad5e8e7a9ba6f934632a8da100956f11775f40acab7f62694ba4976346e0b6b0f52e7d6f5224943699674

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
a40947cfb0402dafe13693327f52701b

SHA1
e03b54ed4d31b846361637770645b92288a061fe

SHA256
06d727be1e7f468ea440a4464b548c259e617071f8cf25fb88da6bd2cd173d39

SHA512
77483a2b17778303956dc11103389820d161fd11a126f8d02b13085a70375bcc371aa98f814acb93043bb8e569d0cf4980961db367d9527c8187c920985024fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
4ed9ab7319953dcbd5e879797acee4f9

SHA1
6433802a880e73bc20b0d874a65c0bf199b6f506

SHA256
a912f5e09e2bc0e917843a918084febff0ddeeabfdc22fefe3b4f9aabd2f78c5

SHA512
5e568efa7fe34bedfdcdcc5ca5d47366756f2a34aee34027f911226edd9c78f06a452cb63c205f1ebab0155a20a7b10c83affb25c8e0ee31e671b08e6e418f78

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
5c76812fc82afcffd61343506c117a0d

SHA1
db91b93b05e766a3c49482618de842b32e186a9d

SHA256
3c000c04c6dbf3c92d3a1192195a9b333e02d512e9d6f42a646ac907d6ca3aa7

SHA512
98e76f6119ccaf13a8e1f2555574032e623e65d808daf56dcac173f6586c26d7264243c8421e460dbc0dc84d08e433501f2a5d64c931eb449a2397e7ad7409d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
da1300fbdadc058d395340fe585a47f3

SHA1
029f5a1671d7c3be6a05ad83f060db13a26bca3e

SHA256
eab6a0a2162adb4dcc6f32305b33b8216e30229aca5075a877e6490e92a17799

SHA512
a055d1af288074b9dc3e39f0d84262e5eace0a5a553b5e0be0b6cce62e70e4fc161add840edf81ddd2e35576d15c1f53cb9c3f9f676b3fb4bd9e141143e3e44b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
b1fe7079477b88e7cb9615e2c24c539f

SHA1
51a7c8e4d3678fff8b4cb0d50ad890ae5734d03c

SHA256
4aee5c1ab5d3d7892b86df252907d08500a2fe7a60ae20dda42880a4f970f8c3

SHA512
1b35ba1b289cd792a025b0f9314b356fba8c3fc9156e28f0251376f4216a1f6c807e32889f7a02ecda29f754fc691fdb51fe62055d0afe4f2cc94ea5e999392c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
ac01ec8739a313b456058d19d54cbd27

SHA1
18143fdd77a928db287f5b04f95a36c7436f355d

SHA256
8d5b6a3cf2249401c9c0e7629e9f1650b74d3835a501ba72244acde0d056f62a

SHA512
ca658dfa3e807b3fbb1166b6faec73ac47d0b72c38fe6e04677082a2cfbd2766b4bd0008eae0692a9c003e1eb88607032eaac9601c52e32e4b28ae5a6e247788

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f935.TMP

Filesize
706B

MD5
9a5f660a3f141eaaa58b8549ef55976d

SHA1
8b38f38da88965a08268971489a6ab3faf7bdca8

SHA256
d582e55326b36d6b2bef8bc87b252025ffe6b9950b8ce1caa825a685f8dae00c

SHA512
0c1845d8fef41c6daa652946a9c730c5e891f209b88aa34375d9e5a888cb7eef2fadeb76904113499a360e0d19b7bfd5ed2a0e3779308a0951bb0b7466f6a891

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
61e3a0222265a79c67f20fb370836589

SHA1
4ad762a47ecd5abaff99286417bf18b2c4bd13c8

SHA256
17c0e54e8e38410b3dc9bd88329adcd2c217106cf362100af58b6d351e9f0f4b

SHA512
c571cd802a42a66129f4e9a99bf06f4b87c870afccc63ef81a0267935c8eb9bb404ee1b7bdc3a7978c67b43cfdfd980c797d947c8c6f4979387bb852b0b15550

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

Filesize
112KB

MD5
c7d7c449d958d75b8c40d97e689db918

SHA1
332000e8c1de604f08fe9c5ab1924c3ece5c34b5

SHA256
262fecd53dc1d141619dfe4449591d095d9ca769c2e2f11441f4fc309be359b3

SHA512
170b16b982d6c7d5eb3a49b054e8743d9cb406a894f4eb90e02ac059a9b247ecf7bcafdd424a1fd0f7eaaa00fbead092eed0f7095eb261fa84cbc633e3ec5bc6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

Filesize
76KB

MD5
b08ded503a5475e81cb1c13ec42187c6

SHA1
aafe648b1d1bf57aecd6e865474a00410b4c3215

SHA256
25049162b09035bdd0f0a95f2e37c9f6802b35e8a5ec486c4fefb03b4b81b251

SHA512
8bc982c50ff0ab5fda64e6a2f2b5199815bfa1413b57642d013a969667bac265fbab08af02d51948776c59837610c2a392ec2213a95d23a37ec6f5ebfd949b74

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

Filesize
4KB

MD5
78e8a2b42535717b4f4e9f588b1e59e7

SHA1
b817c3efd18b1c84d9139870487e3d137aa2159c

SHA256
f288e0bed0a6f67ae915a17681bb11e1f9c20a564cbbaf74827528ca082d06e9

SHA512
d715f4fec4768b69fc779318d4974239e6c600ccd38eeb156e428331b9b8d11068ba166a3919577d5c9173434a30af535dff60797e45d5ba26eee78cfdcf8b19

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

Filesize
322B

MD5
d199e8504f7ea16a796842d1a070edde

SHA1
cf7e449320c2b572f0dbad282c77d336c8bb0c83

SHA256
c21585af618eabc7dc2bcc6d59867f3ee2d0d41a1a81d0a0c0317416acb35c78

SHA512
4e0ecb2e4a0d01cccad0260121aa0beb9049e949ec2835c5f559afbf6c8bdc666eab2a9c80c4885829af94fe9b0d6b0c6323f058083f2906ffd5abfba9c132ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
318B

MD5
cbc17bb48b28c8d0752a359e46e926d6

SHA1
c9b5abde39d0eb13d64225faf38e43c6dcf7f542

SHA256
5cb50a22d12ce65995c55f6a490ae995ac850cbf8caac58540f01ce8db40c19b

SHA512
f1cb51a1ca1ab0d19633ef07879e5f58dc1394168c3003bcdbedbc5968a9bd45e53cfc48a35951dbc9b15e62c40f64e5cde8add60784e70d17d5d5acc059e89b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

Filesize
340B

MD5
fd228145eecbdcf3fc2273ef78506206

SHA1
545402106576b580fed3968962de4e7b4a36a4a4

SHA256
5bb382a4160c6e617926c9f4d4141f77ac46240869b4638560678e047563132f

SHA512
95d5ee479709ca5154c26212d7757bb2d6b1c006b90774d7fe7212efa5c5111a0dca9d9a0f7f3a710004e84c2fd937d25cbf898d2f076a3cbdd76c599bf55f0f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
11B

MD5
b29bcf9cd0e55f93000b4bb265a9810b

SHA1
e662b8c98bd5eced29495dbe2a8f1930e3f714b8

SHA256
f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4

SHA512
e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
65d1b512089408a40ea9b909c88643ca

SHA1
ba76067a81566b4229d93363e213c6676c163947

SHA256
b6ee9b2219481adf62f02914e1e4edb87cd52a894226700ddbbc21a3a572478a

SHA512
981f6b3f3e24742a18a5253ea0bc828358930645a0b46dcf65caf08ade478f5493295e1d778e945d09d06676f56c2780ec9a4ed146aaeeda87c4bf7a8aa41743

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
70161b2160b559fdac857488a521e4ed

SHA1
060bd5d29a8ae93fe7969eb52e9e4a1bf98a72da

SHA256
0f810cf1252e5035cd7f6fe27f4809035eb3f9e060da5388d5fa58badd47b395

SHA512
4b3e6ec1ede89f9396c80bd065ea8a8ebb1f27ba15b982cef33d61576dad1181df13bb5561c4f4c6f950ac0d83173de6a8de0f0e1b2b3ee0f49d553a208789c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
584821a64096f9a6816178bcf708bfcd

SHA1
ae7c155fe8694d494febfc979ed6be5e38b8e28b

SHA256
e41850b27eee3060c3b212eb9f69a7e7e097832d5ebfd682528bc9cf4a51c683

SHA512
f83a9437507df6abdc668e19f5bea243c50782177b41032dde7c3f03afccd21d9124a2c1c836af641bd719ce240a56c860470d6e39e0b912395397f3ae93d393

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
d4f37c805b97bd991ae8c61840865dab

SHA1
eec9c5784cb437d9e2c8b593f81977eddb0a5a94

SHA256
ae013ba1b0450f043480fbee293b64620c843247b92ef47950d0a1241fe8a828

SHA512
db6deb4773b5c82afb1fa945504b7334ef32bd7756c784442fbb81d6c18202f6fa855459d82176355e866091c05885a292a03a696813c9e6ad96590c0ce0eeb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
3e51843ad67d2a48924e314b74dacde9

SHA1
3a7fb554266461835203fc45be7ed2fd2707a259

SHA256
ceeb40b1d070123168a300b59619e29ccc837f5d6390a33043876daaf829624c

SHA512
01a057d825f413d9f6ffd4a0b2c6daf179bdb1506930e78607c40c1a64d58494db3c9fc3b9685bc62596b7932c6db31bfb2518d911ff70ec977cb6cc0ad0accc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
c164703acfe80b8c4ce154a8a5f0a3cf

SHA1
0cb58f333db64de01f9fa28930bf47f05b012d3d

SHA256
07888f22ede5e5c8019fe0cb23bbb49d351d0fc7bd00bb41dc0b6945e8cf60c4

SHA512
bbe5165da602179b2d47533ad7356c841147ff0f24cd7751563c8143058cf5b6d371787cca373903f3233ebaee7549a0db97e2e317022b7e108b15a4c5f82fe6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
e02a57a3527d896b0b4c7aacde976a20

SHA1
460d01dc53cceec6e741d936f6a0cad0792d6ca3

SHA256
9459c14c0061e2ea87470364fbe039c336232b55ae18e7b29bfb34f69677a781

SHA512
e984e97b7f29246c094f2a331dee479420b89c48795546be3746b8cd4a74a9c710ee96eb4da308d95cad96330644798664bbc177f78a1060b8b51a74b0bb424d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
84ac88dee307f1150c9afd0a8949c8c8

SHA1
d423681548918138e3108dc02202e9dc0d6dacd8

SHA256
223d4348f8743fb8555832571b2e96e79e90ef90535d09b65d6edcfdfb6054ab

SHA512
bf136c8c3013f036b20aef853487467e97c66aa538b0703daac80247bb6b00723ce72e7dd4353ed187e4f1caeec84fcc8a2e3d90916a9c6fd816d6dd7482d176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f100abc12eb02edc20a22f2bc42ec359

SHA1
acec2214d19b7ede9d2ed3256b1b88a27db0e0d4

SHA256
f00523128c31591c63936e5d5fd7e0a300461953814b4e382abbc90cc85946bd

SHA512
bc75075e0a9c2c7d036f8cc3430c8248fb92b2e6b412d302af7ff86cf94a68b9e9a5d6b4edb748cc10c5b7784dbcc83a3cf3e183ee08388f029fff330dcb48f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\5f11e780-cca1-4db6-bfa0-e30e7a4a2049.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir5028_645381332\CRX_INSTALL\_locales\en\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir5028_645381332\a9c56e99-b0cb-49dd-851e-3dc10a5cbbfd.tmp

Filesize
150KB

MD5
14937b985303ecce4196154a24fc369a

SHA1
ecfe89e11a8d08ce0c8745ff5735d5edad683730

SHA256
71006a5311819fef45c659428944897184880bcdb571bf68c52b3d6ee97682ff

SHA512
1d03c75e4d2cd57eee7b0e93e2de293b41f280c415fb2446ac234fc5afd11fe2f2fcc8ab9843db0847c2ce6bd7df7213fcf249ea71896fbf6c0696e3f5aee46c

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
11KB

MD5
cda09ef3c8506c8916b6f03f6398c18d

SHA1
9bf2e0570370de945c83e1eed40360a9b02eb2d9

SHA256
2f4fd2e88616e980002174b2b4c341b8973c953f50a88fc5c820c39a473265d0

SHA512
54163c99cf9af7da6adba68b8093e4382599c913912c39d9113852257d233a734032d9efd6ba85956bbd777b63718113c6b74433c035e72eeaca084eb2999334

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
11KB

MD5
5662eddbae822955446a0fe03e0829a2

SHA1
388b74ae84a0231c011c51544d35003479a7cfdf

SHA256
9bced7f600b3840d8a752058ec9fa36492c04568289d4571908373dc92b72757

SHA512
44e918b6c0875b6ac46fc716d2075e0504cd705737192f74fe5c02b2b1cb25974ca50a1f5ffe4ac99af4caeb03602cf77ba8010885f793e8ad4577808f9d5431

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
11KB

MD5
f6f59115c5e26ccebe5c4a612cfeb8d6

SHA1
ff92db968f72eb00419107e90a353c08696a151d

SHA256
1e0114e07117d7db93b0fbdc120c555623d3e17c9a0782a2d6aee0275af9f6f2

SHA512
38a9b1e008865d3174905194ef153adc866fe26f6570d868970eeda27425582daa93b39c784ee6641eede841edf40ddac2837055f1c938111c143d40b589d4c0

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
11KB

MD5
b5f9a8e447e1e58cc82baf52140a17ec

SHA1
2ef16aa15cd7836cd0212a11189db75698e024bf

SHA256
d13d3e5687f07abe19a93ef7ad6a593b312557d4e8a569ea92f3428aa9df5d90

SHA512
4e9730a4657949d35299c50e56a8785f67e8e73d960dccc0402bac6da390a8eaab769e695939987ac9c3986d7315da985731b2e00201865f6084feaf026e843c

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
cda924cd967fc668088033cda52b8ebe

SHA1
36d5b66d303bc4a3a1f39ed54e4de87fb42ed7e2

SHA256
409efebb10d9112a1c2701631e05dabda8aefd3585209f3c1486df62cf8caa78

SHA512
25d84d9a2fbc1cce47665704d5b2f5b4a983c325946250c67c6b3605f6e235bc4fc60c7599a1ace8616d156b336230c382c714c99f227b8392db7cbbccbcac18

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
1ac7b58ae7f6e0b41ecdbfd9c16f03fd

SHA1
dcb47c5d8222c51656e163219c3af721f7b46d0a

SHA256
1d2b9ade6bff1fa493771d268a350cb5d8595ba25c58a8ecc53a2def71daa9a9

SHA512
8367e1ccb2d3d89a69e3db42ceb1a74e0ffd204464f267dda3c67f0e4df7b54ce5603e9e515b540e062642082c25ff4a912128744aa02e50b1d49eac56933911

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
ef9f44274d81f0caa2e27ec6b7f8d001

SHA1
1365c1e3655230a90dbe97592c04d1d4af264b18

SHA256
6fd1078b4ee4174a96b2e7cf0a94a3615f3407b621ed5ab815770f0b031a6788

SHA512
e3e88debb2a6641bd363485d5648f57ef2bd4bd620d5e7be1dd259a6bb332d79fca01530f3bc3d2744e9719cdbd90242c23904554a41c093f0368f6687f3941f

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
11KB

MD5
fc710b9167f139924571ccf56db5afc4

SHA1
acfe669a575f65635287fe041236807e4dce6ef4

SHA256
baddd15ae25e0a4e84064487219886d3338078235a938867ac70cccfc811832a

SHA512
5cc0fe91bc8c083190d59e2605e1b792746cea6f520f5654fbcb360857bda402f9fb153f62e041390930a92d539916362ab626025336026220d9a5b3c31aab0f

Download Submit
C:\Users\Admin\AppData\Roaming\vlc\ml.xspf.tmp732

Filesize
304B

MD5
781602441469750c3219c8c38b515ed4

SHA1
e885acd1cbd0b897ebcedbb145bef1c330f80595

SHA256
81970dbe581373d14fbd451ac4b3f96e5f69b79645f1ee1ca715cff3af0bf20d

SHA512
2b0a1717d96edb47bdf0ffeb250a5ec11f7d0638d3e0a62fbe48c064379b473ca88ffbececb32a72129d06c040b107834f1004ccda5f0f35b8c3588034786461

Download Submit
C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini

Filesize
113B

MD5
11f37034d23504693a43dca463b5365f

SHA1
f43040a66f0731749a90eedd701dd61cb5cdc35c

SHA256
8cbbb0c8c93997e5d3197cc339911972866e028f0bb612a6ed782a11d6c8ebab

SHA512
cd8a3d0b3d3f6ce6e86d40344b15cce1f1a8ef4f813100cbe0051b58f0bf8eafee554a034e0d92dbd8d20ccc68d6a1e070b0ee24a95b5273c88b60daec88f82b

Download Submit
C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini

Filesize
764B

MD5
5ec1961de5be8b3c7003b804a3fdc317

SHA1
02933f89985469ead9defc0426f99a5530371795

SHA256
7e70eb603683f17e8071030dbde9264dd91d57f2b235abca5021e9b3b397fde5

SHA512
a204dd16a00309573ca5b20debdb08f6e8e1e13d3c6fb50c63f72c963bf538bea78f0bd7cea74f6daee9066ec544aa2cd97d11078e494de7c82cbc9be5f8a9af

Download Submit
C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini.Uhg732

Filesize
604B

MD5
b1db74933518ed53f7aaaf0c84f4b08b

SHA1
3262bb8307654d909dd5cc1d9dd38dbde31a0c89

SHA256
c12ebd7638af3efae512ad3d9471219dff3425afc75f65bfe5d6008751387369

SHA512
f59d0f7b7c7fe95037d8ec7b446db9215cadf71f3640c42367d918d8c00be36d0f5b6cfa7f83066c6c38d520b2d5ab193b328e695b2f083ab0c2eb2a31d36f43

Download Submit
C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini.lock

Filesize
17B

MD5
04de49dc810f58e1c48cb66b3e649613

SHA1
a97a1fb0584d12f3b16f95e4ea581cd0dcf966b3

SHA256
5fbfea6ea1f7a20048af0b683af51ac1925e3f96b90c4309a0862c654e0e1453

SHA512
f7196e7cf24fec029e8d4b27e2cc9ecc14f2be8344d23e0ddd741e0e854bbc8b72304d688579d12fd5ef9e3bca841157af69d2d8f9ea2199d5210e30ef1c5064

Download Submit
C:\Users\Admin\Downloads\Fake Nvidia installer (pass 1234).rar

Filesize
3.5MB

MD5
294ecd0652df2f3eeab38dec90c0b1b1

SHA1
f4a588257e422994821302136513f51e04cb74d0

SHA256
42ae555c1f9357f22efa16f56dc0c6df92b0ad981a5bce17dbf8aeac2089bfc2

SHA512
3df2c26a8ab8796f55be81c471751d33a7ba91ee287631f428d458bf1e0b02ec10e9be0a8c79272f8a049ef9a2269d2e6396c9061b49a486a240015d62c78581

Download Submit
C:\Users\Admin\Downloads\MS 0735.6+7421.zip

Filesize
112KB

MD5
1b3cf59e94f7d599ed2d54c1f82acb5a

SHA1
10d84b9096c92331106212af9a88cc7f8119c458

SHA256
57c3e5002750b9da9dbf7526a1288bbd84f339fadc16f828ef20d1889c51e483

SHA512
113328d190125c1dd0f7b5dc323a68c41f5a98c1afbec51e414c5f2776097bb1daf44af9aa58acb221c82c11e68b580f414ead1cf8184caf28da259793555a45

Download Submit
C:\Users\Admin\Downloads\MS 0735.6+7421.zip:Zone.Identifier

Filesize
283B

MD5
49bce2ce9277e666cc2a3d67a5d9e565

SHA1
14fad237123c843fbe28dd0eb5bfb3843fabccfd

SHA256
9d6a351712b2a145dbaf6aa54158387cf1e4dd8916ae1184d06b93076707befa

SHA512
f9e0a3fb24cf89d230f157d2d91392ba3b3a6aacbd99a77cdd93c0361d402738d5f7868bff0a2abeb84a69d31b1269ead0cce80b2f7dc0e77a21986326352d76

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 355751.crdownload

Filesize
163KB

MD5
34d62303e757aac3144ad3478619fdde

SHA1
a6fa411c5e8b1715568805ee7d09150d96ee8977

SHA256
851fed5d7b5c0f331d61ff67eca02c3d0bc5214848bdaaa5f6069a86050792a4

SHA512
248358ccdfd86cc56ca77edbe5aedfb656751d312dfff9598f1eb59fb4494ff07566011417808b94451064f0e323c3464142f1b03d337ca5a895c0d435b19da9

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 722413.crdownload

Filesize
8.4MB

MD5
2b71cc65cc949cfce47107383f9bce29

SHA1
a57d725a4cb391d4ea02a3c4b5680935f72669cf

SHA256
a513325690cf5bf2302ccc34e2264a8a48270de49a1863c018afed246472e37a

SHA512
158d6e92839b4d83827832e870b4e3d2c8d388894dd5a194abbfcf4ad228fea7e83543b6278cedd6fb2b92801ba102178a962c4d4f0868e1aac62f50d668a824

Download Submit
memory/732-2368-0x00007FF996710000-0x00007FF9969C6000-memory.dmp

Filesize
2.7MB

Download
memory/732-2366-0x00007FF7C85F0000-0x00007FF7C86E8000-memory.dmp

Filesize
992KB

Download
memory/732-2369-0x00007FF993230000-0x00007FF99333E000-memory.dmp

Filesize
1.1MB

Download
memory/732-2367-0x00007FF9A58A0000-0x00007FF9A58D4000-memory.dmp

Filesize
208KB

Download
memory/732-2328-0x00007FF7C85F0000-0x00007FF7C86E8000-memory.dmp

Filesize
992KB

Download
memory/732-2329-0x00007FF9A58A0000-0x00007FF9A58D4000-memory.dmp

Filesize
208KB

Download
memory/732-2335-0x00007FF99CE70000-0x00007FF99CEB1000-memory.dmp

Filesize
260KB

Download
memory/732-2331-0x00007FF9B0D00000-0x00007FF9B0D18000-memory.dmp

Filesize
96KB

Download
memory/732-2332-0x00007FF9A84A0000-0x00007FF9A84B7000-memory.dmp

Filesize
92KB

Download
memory/732-2350-0x00007FF993230000-0x00007FF99333E000-memory.dmp

Filesize
1.1MB

Download
memory/732-2334-0x00007FF992E60000-0x00007FF99306B000-memory.dmp

Filesize
2.0MB

Download
memory/732-2336-0x00007FF9A57F0000-0x00007FF9A5811000-memory.dmp

Filesize
132KB

Download
memory/732-2337-0x00007FF9A7790000-0x00007FF9A77A8000-memory.dmp

Filesize
96KB

Download
memory/732-2338-0x00007FF9A6F50000-0x00007FF9A6F61000-memory.dmp

Filesize
68KB

Download
memory/732-2339-0x00007FF99CDF0000-0x00007FF99CE01000-memory.dmp

Filesize
68KB

Download
memory/732-2340-0x00007FF99CDD0000-0x00007FF99CDE1000-memory.dmp

Filesize
68KB

Download
memory/732-2341-0x00007FF9966F0000-0x00007FF99670B000-memory.dmp

Filesize
108KB

Download
memory/732-2342-0x00007FF9966D0000-0x00007FF9966E1000-memory.dmp

Filesize
68KB

Download
memory/732-2343-0x00007FF9966B0000-0x00007FF9966C8000-memory.dmp

Filesize
96KB

Download
memory/732-2344-0x00007FF996680000-0x00007FF9966B0000-memory.dmp

Filesize
192KB

Download
memory/732-2345-0x00007FF996610000-0x00007FF996677000-memory.dmp

Filesize
412KB

Download
memory/732-2346-0x00007FF995CA0000-0x00007FF995D1C000-memory.dmp

Filesize
496KB

Download
memory/732-2347-0x00007FF9965F0000-0x00007FF996601000-memory.dmp

Filesize
68KB

Download
memory/732-2349-0x00007FF992CE0000-0x00007FF992E60000-memory.dmp

Filesize
1.5MB

Download
memory/732-2351-0x00007FF9965B0000-0x00007FF9965C7000-memory.dmp

Filesize
92KB

Download
memory/732-2352-0x00007FF995F00000-0x00007FF995F11000-memory.dmp

Filesize
68KB

Download
memory/732-2353-0x00007FF995EE0000-0x00007FF995EFD000-memory.dmp

Filesize
116KB

Download
memory/732-2354-0x00007FF995C80000-0x00007FF995C91000-memory.dmp

Filesize
68KB

Download
memory/732-2355-0x00007FF991F10000-0x00007FF991F3D000-memory.dmp

Filesize
180KB

Download
memory/732-2356-0x00007FF9B2310000-0x00007FF9B2320000-memory.dmp

Filesize
64KB

Download
memory/732-2348-0x00007FF9965D0000-0x00007FF9965E1000-memory.dmp

Filesize
68KB

Download
memory/732-2330-0x00007FF996710000-0x00007FF9969C6000-memory.dmp

Filesize
2.7MB

Download
memory/732-2333-0x00007FF9A8080000-0x00007FF9A8091000-memory.dmp

Filesize
68KB

Download
memory/4504-2305-0x00007FF991DB0000-0x00007FF992E60000-memory.dmp

Filesize
16.7MB

Download
memory/4504-2304-0x00007FF996710000-0x00007FF9969C6000-memory.dmp

Filesize
2.7MB

Download
memory/4504-2303-0x00007FF9A58A0000-0x00007FF9A58D4000-memory.dmp

Filesize
208KB

Download
memory/4504-2302-0x00007FF7C85F0000-0x00007FF7C86E8000-memory.dmp

Filesize
992KB

Download
memory/4504-2262-0x00007FF9B0D00000-0x00007FF9B0D18000-memory.dmp

Filesize
96KB

Download
memory/4504-2263-0x00007FF9A84A0000-0x00007FF9A84B7000-memory.dmp

Filesize
92KB

Download
memory/4504-2264-0x00007FF9A8080000-0x00007FF9A8091000-memory.dmp

Filesize
68KB

Download
memory/4504-2265-0x00007FF9A7790000-0x00007FF9A77A7000-memory.dmp

Filesize
92KB

Download
memory/4504-2276-0x00007FF996680000-0x00007FF996691000-memory.dmp

Filesize
68KB

Download
memory/4504-2277-0x00007FF996660000-0x00007FF99667B000-memory.dmp

Filesize
108KB

Download
memory/4504-2278-0x00007FF996640000-0x00007FF996651000-memory.dmp

Filesize
68KB

Download
memory/4504-2279-0x00007FF996620000-0x00007FF996638000-memory.dmp

Filesize
96KB

Download
memory/4504-2271-0x00007FF9966C0000-0x00007FF996701000-memory.dmp

Filesize
260KB

Download
memory/4504-2272-0x00007FF99CE70000-0x00007FF99CE91000-memory.dmp

Filesize
132KB

Download
memory/4504-2273-0x00007FF99CDF0000-0x00007FF99CE08000-memory.dmp

Filesize
96KB

Download
memory/4504-2274-0x00007FF99CDD0000-0x00007FF99CDE1000-memory.dmp

Filesize
68KB

Download
memory/4504-2275-0x00007FF9966A0000-0x00007FF9966B1000-memory.dmp

Filesize
68KB

Download
memory/4504-2282-0x00007FF9932C0000-0x00007FF99333C000-memory.dmp

Filesize
496KB

Download
memory/4504-2283-0x00007FF9965D0000-0x00007FF9965E1000-memory.dmp

Filesize
68KB

Download
memory/4504-2261-0x00007FF996710000-0x00007FF9969C6000-memory.dmp

Filesize
2.7MB

Download
memory/4504-2284-0x00007FF993260000-0x00007FF9932B7000-memory.dmp

Filesize
348KB

Download
memory/4504-2285-0x00007FF990E50000-0x00007FF990E68000-memory.dmp

Filesize
96KB

Download
memory/4504-2270-0x00007FF991DB0000-0x00007FF992E60000-memory.dmp

Filesize
16.7MB

Download
memory/4504-2281-0x00007FF995CB0000-0x00007FF995D17000-memory.dmp

Filesize
412KB

Download
memory/4504-2280-0x00007FF9965F0000-0x00007FF996620000-memory.dmp

Filesize
192KB

Download
memory/4504-2266-0x00007FF9A6F50000-0x00007FF9A6F61000-memory.dmp

Filesize
68KB

Download
memory/4504-2269-0x00007FF992E60000-0x00007FF99306B000-memory.dmp

Filesize
2.0MB

Download
memory/4504-2267-0x00007FF9A5800000-0x00007FF9A581D000-memory.dmp

Filesize
116KB

Download
memory/4504-2268-0x00007FF99CEA0000-0x00007FF99CEB1000-memory.dmp

Filesize
68KB

Download
memory/4504-2259-0x00007FF7C85F0000-0x00007FF7C86E8000-memory.dmp

Filesize
992KB

Download
memory/4504-2260-0x00007FF9A58A0000-0x00007FF9A58D4000-memory.dmp

Filesize
208KB

Download
memory/5912-2509-0x0000000000400000-0x0000000000449000-memory.dmp

Filesize
292KB

Download
memory/5912-2499-0x0000000000400000-0x0000000000449000-memory.dmp

Filesize
292KB

Download