hxxps://youtube[.]com/@boffy/

Resubmissions

31-12-2024 05:12

241231-fv24pawlhm 7

31-12-2024 04:49

241231-ffsxgaylaw 10

31-12-2024 04:46

241231-fd1jjaykby 7

31-12-2024 04:31

241231-e5vlxsxpd1 10

Analysis

max time kernel
897s
max time network
900s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
31-12-2024 05:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://youtube.com/@boffy/

Score

7^/10

microsoft defense_evasion discovery motw phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: EA76ADE95776D2EC7F000101@AdobeOrg
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: httpswww.youtube.com@boffycbrd1
phishing

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc
263	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Detected potential entity reuse from brand MICROSOFT.
phishing microsoft

Subvert Trust Controls: Mark-of-the-Web Bypass 1 TTPs 1 IoCs

When files are downloaded from the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier with a specific value known as the MOTW.

defense_evasion

SIP and Trust Provider Hijacking

T1553.003

description	ioc	Process
File opened for modification	C:\Users\Admin\AppData\Local\Temp\{B601791C-FEFC-4DEE-AA32-C90038D17D8A}\8tr.exe:Zone.Identifier	WINWORD.EXE

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 6 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	WINWORD.EXE
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	WINWORD.EXE
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	WINWORD.EXE
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	WINWORD.EXE
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	WINWORD.EXE
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	WINWORD.EXE

Enumerates system info in registry 2 TTPs 12 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\BIOS	WINWORD.EXE
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU	WINWORD.EXE
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU	WINWORD.EXE
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily	WINWORD.EXE
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\BIOS	WINWORD.EXE
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily	WINWORD.EXE

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings	msedge.exe

NTFS ADS 2 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\The-MALWARE-Repo-master.zip:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\AppData\Local\Temp\{B601791C-FEFC-4DEE-AA32-C90038D17D8A}\8tr.exe:Zone.Identifier	WINWORD.EXE

Suspicious behavior: AddClipboardFormatListener 3 IoCs

pid	Process
4460	WINWORD.EXE
4460	WINWORD.EXE
5080	WINWORD.EXE

Suspicious behavior: EnumeratesProcesses 26 IoCs

pid	Process
556	msedge.exe
556	msedge.exe
768	msedge.exe
768	msedge.exe
4720	identity_helper.exe
4720	identity_helper.exe
3420	msedge.exe
3420	msedge.exe
5112	msedge.exe
5112	msedge.exe
5112	msedge.exe
5112	msedge.exe
1328	msedge.exe
1328	msedge.exe
5540	msedge.exe
5540	msedge.exe
2460	identity_helper.exe
2460	identity_helper.exe
2416	msedge.exe
2416	msedge.exe
2972	msedge.exe
2972	msedge.exe
2972	msedge.exe
2972	msedge.exe
5352	msedge.exe
5352	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	1920	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1920	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
768	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe
5540	msedge.exe

Suspicious use of SetWindowsHookEx 12 IoCs

pid	Process
4460	WINWORD.EXE
4460	WINWORD.EXE
4460	WINWORD.EXE
4460	WINWORD.EXE
4460	WINWORD.EXE
4460	WINWORD.EXE
4460	WINWORD.EXE
5080	WINWORD.EXE
5080	WINWORD.EXE
5080	WINWORD.EXE
5080	WINWORD.EXE
4460	WINWORD.EXE

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 768 wrote to memory of 716	768	msedge.exe	77
PID 768 wrote to memory of 716	768	msedge.exe	77
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 4368	768	msedge.exe	78
PID 768 wrote to memory of 556	768	msedge.exe	79
PID 768 wrote to memory of 556	768	msedge.exe	79
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80
PID 768 wrote to memory of 3372	768	msedge.exe	80

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://youtube.com/@boffy/
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffddaba3cb8,0x7ffddaba3cc8,0x7ffddaba3cd8
  2⤵
  PID:716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1956 /prefetch:2
  2⤵
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2316 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2584 /prefetch:8
  2⤵
  PID:3372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:2148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4612 /prefetch:1
  2⤵
  PID:1316
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4984 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4072 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1
  2⤵
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
  2⤵
  PID:1492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
  2⤵
  PID:572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1
  2⤵
  PID:2044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5328 /prefetch:8
  2⤵
  PID:4656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
  2⤵
  PID:4016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
  2⤵
  PID:1092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2112 /prefetch:1
  2⤵
  PID:652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4076 /prefetch:1
  2⤵
  PID:2344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1
  2⤵
  PID:4940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
  2⤵
  PID:1832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1784 /prefetch:1
  2⤵
  PID:4340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6348 /prefetch:1
  2⤵
  PID:2636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1
  2⤵
  PID:1704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6320 /prefetch:1
  2⤵
  PID:3580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5628 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6468 /prefetch:1
  2⤵
  PID:1856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6604 /prefetch:1
  2⤵
  PID:3420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6672 /prefetch:1
  2⤵
  PID:3628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4724 /prefetch:1
  2⤵
  PID:2424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
  2⤵
  PID:1380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
  2⤵
  PID:5076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6880 /prefetch:1
  2⤵
  PID:3416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1
  2⤵
  PID:684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1252 /prefetch:1
  2⤵
  PID:3200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1
  2⤵
  PID:4568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6804 /prefetch:1
  2⤵
  PID:2088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1
  2⤵
  PID:392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7248 /prefetch:1
  2⤵
  PID:5084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7352 /prefetch:1
  2⤵
  PID:1448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7096 /prefetch:1
  2⤵
  PID:3288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7240 /prefetch:1
  2⤵
  PID:4816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7708 /prefetch:1
  2⤵
  PID:2300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7816 /prefetch:1
  2⤵
  PID:3880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7848 /prefetch:1
  2⤵
  PID:3164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8212 /prefetch:1
  2⤵
  PID:4528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7564 /prefetch:1
  2⤵
  PID:2892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8504 /prefetch:1
  2⤵
  PID:3380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8508 /prefetch:1
  2⤵
  PID:1000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8812 /prefetch:1
  2⤵
  PID:4224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8972 /prefetch:1
  2⤵
  PID:3252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7140 /prefetch:1
  2⤵
  PID:1960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6568 /prefetch:1
  2⤵
  PID:4908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8400 /prefetch:1
  2⤵
  PID:2272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1
  2⤵
  PID:3068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7708 /prefetch:1
  2⤵
  PID:1768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1
  2⤵
  PID:2012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7504 /prefetch:1
  2⤵
  PID:3380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7412 /prefetch:1
  2⤵
  PID:4608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7048 /prefetch:1
  2⤵
  PID:2792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8616 /prefetch:1
  2⤵
  PID:4200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8808 /prefetch:1
  2⤵
  PID:2980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8092 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7164 /prefetch:1
  2⤵
  PID:1448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7540 /prefetch:1
  2⤵
  PID:2720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8768 /prefetch:1
  2⤵
  PID:2360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9504 /prefetch:1
  2⤵
  PID:876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6872 /prefetch:1
  2⤵
  PID:3044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7844 /prefetch:1
  2⤵
  PID:1000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8884 /prefetch:1
  2⤵
  PID:736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9488 /prefetch:1
  2⤵
  PID:3192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8384 /prefetch:1
  2⤵
  PID:2812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7840 /prefetch:1
  2⤵
  PID:3628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9244 /prefetch:1
  2⤵
  PID:2196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8700 /prefetch:1
  2⤵
  PID:864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8504 /prefetch:1
  2⤵
  PID:2364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7580 /prefetch:1
  2⤵
  PID:2968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9580 /prefetch:1
  2⤵
  PID:2504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9188 /prefetch:1
  2⤵
  PID:3028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9284 /prefetch:1
  2⤵
  PID:4140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8620 /prefetch:1
  2⤵
  PID:1184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6640 /prefetch:1
  2⤵
  PID:2612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7700 /prefetch:1
  2⤵
  PID:1728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7484 /prefetch:1
  2⤵
  PID:2900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8284 /prefetch:1
  2⤵
  PID:2304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7492 /prefetch:1
  2⤵
  PID:3424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7780 /prefetch:1
  2⤵
  PID:2972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8268 /prefetch:1
  2⤵
  PID:1832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7784 /prefetch:1
  2⤵
  PID:1844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8496 /prefetch:1
  2⤵
  PID:5016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9860 /prefetch:1
  2⤵
  PID:5092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9868 /prefetch:1
  2⤵
  PID:4104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10204 /prefetch:1
  2⤵
  PID:5428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:1
  2⤵
  PID:4752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9696 /prefetch:1
  2⤵
  PID:5852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,5941927703851450820,17844198412841135750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8420 /prefetch:1
  2⤵
  PID:5972

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3376

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1884

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004BC 0x000000000000046C
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1920

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:764

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:6136

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
1⤵
PID:5204

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:5540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffddaba3cb8,0x7ffddaba3cc8,0x7ffddaba3cd8
  2⤵
  PID:2336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1696 /prefetch:2
  2⤵
  PID:2052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2500 /prefetch:8
  2⤵
  PID:2852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:3480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:4620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4212 /prefetch:1
  2⤵
  PID:1484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
  2⤵
  PID:3896
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3964 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4020 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5136 /prefetch:1
  2⤵
  PID:4700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:1956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4212 /prefetch:1
  2⤵
  PID:4588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4376 /prefetch:1
  2⤵
  PID:4868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3984 /prefetch:8
  2⤵
  PID:4536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2780 /prefetch:1
  2⤵
  PID:4960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
  2⤵
  PID:6020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
  2⤵
  PID:3184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6916 /prefetch:1
  2⤵
  PID:4164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=3892 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1900,17771250341484796034,17229956654472426867,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4008 /prefetch:8
  2⤵
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:5352

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:240

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5384

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004BC 0x000000000000046C
1⤵
PID:908

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:5984

C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\Temp1_The-MALWARE-Repo-master.zip\The-MALWARE-Repo-master\Pony\metrofax.doc" /o ""
1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
PID:4460
- C:\Windows\splwow64.exe
  C:\Windows\splwow64.exe 12288
  2⤵
  PID:5292

C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /Automation -Embedding
1⤵
- Subvert Trust Controls: Mark-of-the-Web Bypass
- Checks processor information in registry
- Enumerates system info in registry
- NTFS ADS
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
PID:5080

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

T1553

SIP and Trust Provider Hijacking

T1553.003

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e9a2c784e6d797d91d4b8612e14d51bd

SHA1
25e2b07c396ee82e4404af09424f747fc05f04c2

SHA256
18ddbb93c981d8006071f9d26924ce3357cad212cbb65f48812d4a474c197ce6

SHA512
fc35688ae3cd448ed6b2069d39ce1219612c54f5bb0dd7b707c9e6f39450fe9fb1338cf5bd0b82a45207fac2fbab1e0eae77e5c9e6488371390eab45f76a5df1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
73492862e89bb0bf85e735dcf9863e62

SHA1
73231a1730424154c8fee57f319e66b9c7330e51

SHA256
dc4201b17ffd2b989761722cc015e132e9aa65ed87870eaa075e44c88387fb39

SHA512
63a14c62c2f3318d73b7abb4cd305c1a828d4391b7ee6f130a162ef9216ef6640a35e2e84a59154bf693f62f6219b3af8e89bbcf5cbf78947ead512ab2d441e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
864a8da48d726596a1820bb07e7f3a53

SHA1
a41b8443a60776352810ce2091f91b1f18eca4c7

SHA256
6279ba47a31b8374d31853dffb238a9b2a3615699cb928ada75f503991abf984

SHA512
60c1b0c077f47a97086d7c989c8d89122c05e11d53a93eebab53f3a6326f16344dfae4691f5d72a524622cb869d3d5c0c173a8c665d6f622323a1408f0c1b919

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1fc959921446fa3ab5813f75ca4d0235

SHA1
0aeef3ba7ba2aa1f725fca09432d384b06995e2a

SHA256
1b1e89d3b2f3da84cc8494d07cf0babc472c426ccb1c4ae13398243360c9d02c

SHA512
899d1e1b0feece25ac97527daddcaaeb069cb428532477849eba43a627502c590261f2c26fef31e4e20efd3d7eb0815336a784c4d2888e05afcf5477af872b06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\7d56b602-0143-4df4-adb6-ffe9641abec5.tmp

Filesize
20KB

MD5
1ef6e0ef64202ca79989c3193924e7c0

SHA1
bcf6666e6f00654fd68a3a340652df24fceab492

SHA256
614ae189458ca17b0775a84b0780a296df049c462a7515a831b6c12a227751be

SHA512
0fb0fc829a04c143170912386558a3f9d15cb5cef536506c5dfdef3f43d6e60a2b0148baae9f183776d6d5b85a54fffe3397ea4425a44a10752a6c8187ab89e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

Filesize
62KB

MD5
c813a1b87f1651d642cdcad5fca7a7d8

SHA1
0e6628997674a7dfbeb321b59a6e829d0c2f4478

SHA256
df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3

SHA512
af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

Filesize
67KB

MD5
69df804d05f8b29a88278b7d582dd279

SHA1
d9560905612cf656d5dd0e741172fb4cd9c60688

SHA256
b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608

SHA512
0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

Filesize
63KB

MD5
226541550a51911c375216f718493f65

SHA1
f6e608468401f9384cabdef45ca19e2afacc84bd

SHA256
caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5

SHA512
2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000072

Filesize
103KB

MD5
68b3385a6dffc8d64e019832acc918ed

SHA1
7d29dda429ced1040ee8959b5688387d4dd1b4e0

SHA256
17190922204c288b25c7db6b10eb4130b147c53171e442b25bc1f2d56bb74aec

SHA512
3c90deebed1c066b1629adda526ada2821ba66dc523910c71d84bac4d88bfb830965af355c132ba9d7aa84acb58bf602ed9b4c70f6e2f42a1b4cae203ae85426

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000074

Filesize
16KB

MD5
12e3dac858061d088023b2bd48e2fa96

SHA1
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5

SHA256
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

SHA512
c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000075

Filesize
236KB

MD5
b46031e02b69c55b43053aedc00e59af

SHA1
3b4f355a7ea1d6f0da5f117335499489868087d7

SHA256
296d5be0236dcc1d7ff8d3d17a47a698c0d51968c9e4907123f88e21c14e0840

SHA512
a4fd995debf4369f826dd4320c169394a6c76e65036410261bd00e025682195847f9e26f6b498e90fccc7b054f52af277cd17944f14e050bc930e3d47c8a87bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007c

Filesize
20KB

MD5
323c0dbc3678046d7cc37c8060083f9c

SHA1
a4cbb87d0a0cf4c07fd995c221e88a3a47cea38d

SHA256
e8d36c70489e878b82bc6f790d114d1a32c7b187b1043212a76f8146d9fcb005

SHA512
caa84ca897a4ec335cfaa2107dcbeb56956584a11ba4f4a4b05cb942f95c9676fa7b921f1f01a7ce1de912441216a55247d7926b35480e9ebe0e9ee173b54d03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007d

Filesize
17KB

MD5
663d0d0966d3e0fe61cb9cd631c35c4c

SHA1
d371a2344f891ad2dc585f66eee08f4330634184

SHA256
97577b7db223876f9a048ad8833c7b55726ed464d8e9d34c303c171a6f32d7e2

SHA512
75be36c722dca266a10e3d8003d7b68906e25f369d9009c6778ecf2f3a4074b6c6307e37eafbd5e9cd755c2a850579df765a1d1d7be1caabd17bf0b426a65d24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007e

Filesize
19KB

MD5
ab7532c8d5e38228215da168e80637af

SHA1
00d5eda03bb3dfe84356d39e2d445d54896c3797

SHA256
20ac4ead3e1e487b273d9a733b36efad29462dbe10644f65ee5a69d8aa971240

SHA512
38d0eb27d49db442b3acc674853becc280979a9d2d34a972cebd61b803e5b8455b4f949ab904079d640911db81706ed23b75f3f36cd3ea5aeb98fd243aecd6cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000080

Filesize
32KB

MD5
360fcd3971c9cb0ec5fea9ca77ef0c3b

SHA1
e3d794988c6fef82caf4eb67d967e824fabdc0fc

SHA256
4e10df81b9fdee658ab919cab93cebf9a84861d24fbf5e93b933ed6f4b3d40ea

SHA512
6391a628adbb17bd3f52841f114720994e6e218f50f8982d599ea3f1c5bc88f586c4fc31a2f631939dd534171d4fb03817ce909a33f1d90dc61386fbefd1b1b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000081

Filesize
103KB

MD5
c12602b8ebdfd5ea5113f42ee978d526

SHA1
1159db5c354e5c9a73b2e072b3c0c5d02f3ff07b

SHA256
412aad14e7b55e51c4c56a88949c8f5ac81e06bd1d9b23da4378b1d9711a0794

SHA512
00ba76a1f0f08c969a96f4418c158d482eba611fa5984cec234ded9c7a1aa2e9e4dc2a69816c2940783289767212ac729cb7b3ae4cd002f772a5dc5d45bce3db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000082

Filesize
95KB

MD5
bcdfb782d39c9a458a3a27f656d36152

SHA1
cff683fd785cadd90d05cb96ebe0f6d8afb7e5df

SHA256
3bbab0f08da4b07118367f72eabc23211be20b54b58004eeee2eccc34355f7af

SHA512
fe2b8a8ba2927cad99c09c0c664cc0151d278044c5c86c08632fb276d88501ab5de570fbe8ea3e2abafb5782bd7929e7c08747c8b65963c376e79369a139c702

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000083

Filesize
142KB

MD5
8690bd51797d5dc101bb565e3e5dc06d

SHA1
2a8cf2c74cce3c5831cf038b632dbe8b00cb6b61

SHA256
21929bee1de97706b0d3f99b8c9088b4c279b24629db79798a3f0140e723a4c8

SHA512
cf54069e149b8c32bad96597eb0c235a395c498b5d53ed5ce4e92d75dc6e5dd94f3d0c2f83dadf75de8c944793e1b75b27f4dc3f1f011689e1995da31fd7e9eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000085

Filesize
154KB

MD5
546ab2284d7975b991c2b0cf783d536d

SHA1
28e85560d6634d69421e44c7cd8f30a3b9961032

SHA256
67c35a5a741ee5680a056562d87052cf337aee111e613bf0364c909229f7609e

SHA512
060bc924f7c4ea8abaff64fe26a75cf74525da4ce9974edd653f0cc57b9f733f826f24cdeca56e8e126b7f3ac9d162df2a5bb755f1250792790cea6dc504db1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000086

Filesize
27KB

MD5
bc7321f62fec1792b4b4b06eb70b55ed

SHA1
1ec07a8dea6ba3e7cfbcfa03fd41e4fbcab88d80

SHA256
4568f3217ad7eca8b87555678b82e4fe003aa5df2c4dd7cd27f469961b3bf303

SHA512
6fb01025e6d815f26047d4f2c0eee18a992ed550b73b4d23733b2d00c70827e1407828986c2fe13f2f08a991dc45e555177199c7f226ac5aed5323bf5436fdd3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000087

Filesize
153KB

MD5
1b2731006f2b2597b02859e501bc2d4c

SHA1
118d27a703cef3fb083593a56bbc93e62420f30a

SHA256
59dc184cbc1a318493460d1d78999cfdaaaac9a457b5a3a02c2567dfa17314bd

SHA512
f7452f91afe2fbfcb04f80dc7b051d874224de8790bbc53858678332a6b49f7295a15989a587811e1e8fb58a38625ec3e15657d88a367fd50d5b201d7abbe90c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000089

Filesize
20KB

MD5
014a1b0224fa841a945de432dbd13f49

SHA1
d00dd429de3ae8107d2112fdcdf82570fbcaed2d

SHA256
27cdba1a1d6be78c07d329f54a589d05627f6d1645040adf7fa529d76845e43f

SHA512
fe1a949cf7158b1a8e563c10f46f3c3440671d239abc423b37f24804ffbdc694e1b62581199e9dd8bfd180fd2f7bebd0e8e5ab1b4bff2f999fc5716a21918072

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008a

Filesize
89KB

MD5
a5fceff4292d4ca05bcd151e8cd422b3

SHA1
b6a4bac921a9f754e6f0598a8a33f9103146c2de

SHA256
2b2b65e631cc4361a776c3947a60750c7d6d4b1c808cd9b9238e9d66707f3a20

SHA512
2a7a383a2807c692832d9a32d9ae1947fb636f2f464e682efc97d68ba4a42742c2aef581fd8b860f21793d1043d5dde0412eb246a48fc48652cc65d0dbd26759

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008b

Filesize
84KB

MD5
578cc8d5f46dfab0397703ae172633b0

SHA1
5a5396d67b1d01c8c3c312580fb58a33d5e2f984

SHA256
f1a47130d64664dd09abd018c6e5173e967acfdd4ca64b89406de98055e37880

SHA512
3e26b71151b0f17a61ecb655e4cd64d6a2650c36bfb9a5e6e0387ea8a081600fea1073e818e442036464e18408465134b6854ca4a8ab04be475995c64e27de97

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008c

Filesize
89KB

MD5
4999d6036b27a721277e901d7b252f36

SHA1
738bbf5ff67088bc39c81d2d378dfbdbe4001212

SHA256
83d3515660665545c54a57a6accfcfb29de9dca1ae87704f5803d9a1f4f8c7f3

SHA512
75d004bccf7e0158ecc1fc8a8e5e2bb8f13a8009fe8a733330b378b24ce01520d8db5546ba0f0fa0842ff063705388d2191bd6e0bcbc4599232d2e2f351dd6a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008d

Filesize
28KB

MD5
9ebf52e1e4c1627a5b060601ffb483e9

SHA1
1cd01bdd300ccb77571251dde0be74a907e2ec6b

SHA256
216ea1737cacccb1a0e1a0c506bbfff5bd0c68aad94822fbf578cb81c7d72f49

SHA512
b029afb97638d132521022952ff84aebe822a53fa0fbdfaa359c410b03c63c72a23a9602cb64cf927e142dde1d3746ab7e0420c8cf7ac0c02af09eb11818a4ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008e

Filesize
45KB

MD5
5f339ff8127ea962b8aa3a95709b6ad1

SHA1
340631518650a5f3beef366ee93ea20ceb5da39e

SHA256
b3ff14cf44c5c690b256a05bd28f7f5b193f1b03ae6a6d512dc267ebaa505260

SHA512
65e21ff5cb91fc5221bab0f952d6be06726ed9fc98d5d560b2d1e1bf2d25c3de44b1509a1962e925ab543dbb2d42eeaa7e572f9501d8e35d980e769f30b4d3bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000093

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000095

Filesize
41KB

MD5
ca9e4686e278b752e1dec522d6830b1f

SHA1
1129a37b84ee4708492f51323c90804bb0dfed64

SHA256
b36086821f07e11041fc44b05d2cafe3fb756633e72b07da453c28bd4735ed26

SHA512
600e5d6e1df68423976b1dcfa99e56cb8b8f5cd008d52482fefb086546256a9822025d75f5b286996b19ee1c7cd254f476abf4de0cf8c6205d9f7d5e49b80671

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000096

Filesize
20KB

MD5
077e3f0d3dddb018c1e71fd8e46d2244

SHA1
b50954ed5904b533372fe39b032e6a136ca75a7d

SHA256
12ea854aa2a6588219451d4af53fcd368e24b109085062deec4e5b891e059e82

SHA512
f9cb475d16d3e8dedc6ef2feaee4f9bad365a8bb992352163a0a9f4ff9e809bf895fc0ffd59375e60a44e5c5bd1f43217177fb44ffc0cc76cc85e45a612b9b3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000098

Filesize
67KB

MD5
bcfda9afc202574572f0247968812014

SHA1
80f8af2d5d2f978a3969a56256aace20e893fb3f

SHA256
7c970cd163690addf4a69faf5aea65e7f083ca549f75a66d04a73cb793a00f91

SHA512
508ca6011abb2ec4345c3b80bd89979151fee0a0de851f69b7aa06e69c89f6d8c3b6144f2f4715112c896c5b8a3e3e9cd49b05c9b507602d7f0d6b10061b17bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000099

Filesize
20KB

MD5
a4f3afc86190a2d47f56664367af370e

SHA1
57613bcb2a288ef2508e847e7ba35d52f2e87de5

SHA256
52fd14eb766bc6676dd81e3bb50a4dad1891bb9a47e38c3ec620aa6c2b487c42

SHA512
bae75c59141ee60ef1fc2c745117fafea3d386b64f2f67c1022909f295228578bfc5e5e49de5a2f2efd57e75affc0a7d09fbee8fa50aadd82aff446773fc690e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009a

Filesize
18KB

MD5
8eff0b8045fd1959e117f85654ae7770

SHA1
227fee13ceb7c410b5c0bb8000258b6643cb6255

SHA256
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

SHA512
2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009c

Filesize
18KB

MD5
115c2d84727b41da5e9b4394887a8c40

SHA1
44f495a7f32620e51acca2e78f7e0615cb305781

SHA256
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

SHA512
00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009f

Filesize
20KB

MD5
59ee96aea4061c8a38d2506c4805354c

SHA1
273902cf69f0ac50ad5c654fa14ca8ddc295b99f

SHA256
7c8672db679b72c70317a6edbf0c2311ed3653e1d911376cf232e334ec7eaf4f

SHA512
6ddc4427481f02ee4f3246384671ff8d41d856d8b0e281c651431a2377b16991c5bc3a3fafb5c1f80ccb05f9219cf201f9ec547286940584c0a671dcfbfefa3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a0

Filesize
31KB

MD5
00bd4556d9672009a7cce0eb5605fd1d

SHA1
e6aa062aa34cd745dbaa2b0fb851511a5ea734dc

SHA256
11e4340eefdc92053fa38149176a0c17f55472b8fd3897426a76050aedcb8621

SHA512
34f87481e0cfbab27750b392d885092bcd6e11796745b5ef7f39e9564b8d29d169cf8d72795e45745c366c18057d02120726951d2729c699bc60e6518499536e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000dd

Filesize
17KB

MD5
a8c50606c3c61caacd05b38341660a33

SHA1
0eda279e93fa76376f0f3ff8ffefb9a695402bd5

SHA256
2433b78c1e9abe372b72fe822420834353503064a2f016028b7a244ff84d038c

SHA512
34146b590f3977706fc0cb929c6d69387fd5d3784785c0eb1eb4a02b1cb0e9a673a4769e2dd86acad445d0148cd0b63155d130ab2415cf964684fc4ef5a31f75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
59a9278532731302112af5e6400972fd

SHA1
e5c66b6573bf4befdc4a611e12ee7bd4e3c3dd58

SHA256
6f3c4ed2e08f95f503022c0f2eb533113b1ddc07b3207bce6719f5caffd1bf40

SHA512
4bc656f45104759a7a8a2fc0ae4a9f8afec1744b988b0449d76d79c579446d7d12ab227f395bde148e8fbdac46a526871650cf2cb86b1ad3da006e1bd1513e28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
91c73cadf518b406b2cc6bd2262f23eb

SHA1
a203b87bca3b28901a130f1ab25824a1afe2693f

SHA256
1bf6bc551fcbdf11cbc8f8a8b990647710bea7ec9838d311b41ec5edb6a96d68

SHA512
4d5572e4ec9ad6446cb31f8fefc121439f1dc875e434ab393b804a85837c399c60e0526b19b4224bcbcc5d0b0ce443be07b4683d2fe898d6a0fd9309ec86c3e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
04f4c5f6c91fe2009c4a8875b80a68f7

SHA1
ec0c5969467aa6c3c6c5f88650147aaec304bdcb

SHA256
04f389795f774a1a104abc47c4b632ef7937c1220de68b30e7fc0dc14201cb86

SHA512
6193cf9496f8129ce55a3a4e6064770650a3e5b859c9332e8f062209390a9a1e685b2251a9c4d4080473dabc1261f4bf54b2ced6953689837ac43395132baef0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
8KB

MD5
a1093cf5abe2a6dfbecb7f7382137434

SHA1
57df2d301d8d4348fd149a0ce7f0587bde28a763

SHA256
5091e8f6aced85a3dc0676df8e7689cd6497d336b9444ce59413199f172365de

SHA512
86ee3d518ceadb04a2a477088536adca816038b3f02da444e0d88e1e2d9b119153a1953aeef5b7e4a0bceb4b243f7747480bae44561dfe5816527442ceaa6ed8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
10KB

MD5
80be768c96c71bd5524ace1fdc924cd1

SHA1
ad211d45ea5e5c390fc9a220b515999ce84a6ef2

SHA256
9536d18c5504334e710d2a9525e59570e6285ef815000318d8817efa3b167508

SHA512
f6243dae43f5822f485fc2df592da487b5f122d3df35bec3000334644a3616585a8e82ea7d8829f5e99990c1fe7bcb92b29e79a7ef6fc1a24c1d4b307df58eba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
58d4e0d91b05b1407ed74a1caceaba41

SHA1
3c43654c9ccdfb2209577511d8b5ffc78e3c22cb

SHA256
786ec0c6dac3e55e1eca9c552006cf3fdcdef3768e2b7098187c0c293dc0f8d5

SHA512
33510d11baa4a5e6d16a1c57cf55f65bf55e7085b2c859ec9d6814d542e39dbdb0b20a2c3b2b7969d4d28d5ab616015380dd303849b3d4b9b6eba1e2e62d77b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
8KB

MD5
f47a7115842e7cc01aa1a529df4ef0b4

SHA1
94f597bdf33cc77c65a5089212f156742ff353df

SHA256
36ef148b32f66596e5a89f95e1e7a5eb9c98c4b21b60f0a35a1dbe884a108a85

SHA512
eed5dd252508ed9815a877730ffd3c0812409c2450b859cb0926c40193a5309ea8939ae9f3bfc898f3d7e773b6d82fcbc8d0047639d50ca23ce522b08c42352b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
20KB

MD5
db08c240b2bfefaf25785494167aaa90

SHA1
eed0d4a7685346f6f092d8f922cb76c2dd3820c3

SHA256
9cc1143f2d0b7d4538419aec215d3bb75873cae78d4a76d1b81dd3a04ef8ebfa

SHA512
ea8e8edb275c79919c57bfef4f0c438ad8929f0ac3d108488a09c5fa9a024938168d5163fb5dc6cfdc7a296d55c86fcb5eefc58a13bf643b19a9951d99692f36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
4e65c935db3a53ffeadad2ae4e8932ce

SHA1
b4ce7e4330b3c020105cd82e34351057d14e0ee3

SHA256
61719993d4e2e6bd7e58c56662f598a6a5b59beccb7fb61176f3cff31fdf00bd

SHA512
426ab18585d5a8306dd72538a74cd44f1a1b6b61555d5798ac29edabb551ad28c0ce0d18791c0e223564c134d35fbdd81a81337d2af5871baddcd4209c615568

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
6KB

MD5
042e0b0d2e97f41fa97883e29267b496

SHA1
ea3283316a32fa7fd79ad3cf0e116e5d54eb7783

SHA256
c5a20bff73c3d8f01f226215cb417ae490d2150978ac463983bff516b88ab41e

SHA512
718295c937e7bd52386584d91a842c9600bc0e11e99d9252531890c83a0db3b2c9c171524ee261a3fb4f401b2815ef401fa47382e57104282ca1fbc184a60baa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
9a8299a31895655cfaf8525d94132718

SHA1
4473b630bcfe52bba5ba74ee7056ddaf5e29f92a

SHA256
66ca89b357130dcd56b087b02e1ddd65848b7cdefa87b1a3869a14d99b7b7bed

SHA512
b223d0ee2f89d03fe3cde4011eae32e51f8c7744690707e275f58b3d4181be90662491e39fa13d581b778facb6cb320a39dc4a4139e0bbc925c8aee5afd4dc8b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
19KB

MD5
dccebbcbe24c27e785075603ee6aa818

SHA1
2a9ee97b6ff03235c0f8575dfe0b4f6b6664e1b1

SHA256
02b4e9693f9fbb54a10b3a1d8de0a94e5cf8575b78301552215a82020b4b3957

SHA512
2cf79d84320b1aa55804d8401c57090d69abc3b8fdbc4d143f93033e7ba56509c98a3d3fe5e5e546de7882dfb6066d8823dc5e11e9010937bfa272051f890c9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
21KB

MD5
f13c3740c8554a8d575676ccf0928e12

SHA1
28c45270b4e99a0d690740db2e894730e49f453e

SHA256
8fd722a616757cc87dc45483928d306b75710b253b669879f3e01e22650cec6a

SHA512
c1cf3568ddf8c6528470fe082a94bc6d858163f5f8f09d234dbd235cda597b14cd970bbe6db05f8660f20dee7049a91ef12fcc4cc3705a3d32fb5d105512b23d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
74cf26be0ec3ffede72180acc7c05820

SHA1
cd46ecc379a1c3d203c77ebe7737e9a7b4853ec1

SHA256
64ebb5e73b74fd8ae9e1119054b63db5592961bf6ac0ef56f12a97a0470b9de4

SHA512
e4744a490248222f57b6fe88d12e8f0341f7802cf310051859702abb4116389f845df5adcbbe2cf1bb5df1e8be4a00fd8f7ee6bab5a7cadd417c08910d9e3cf2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
6db95b157c173772f11ba4e2bf3ca5a8

SHA1
3198ad3fec35fa2689c7f7818f3e365a7728a8b6

SHA256
4f7e1638a264a5be0ae2096bffba5e79953856f2379fa045fb833ceb5439b2e7

SHA512
eb22068c14005df3fa451a83eff72159796e3e76d55cedf02df2fc69a622ea375802f452375e63782f16a92d6e7373acfda09a8c6c3486e72c0ae96f97300462

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
f4f8ffed68ec4e8efbeddf63f87a40f9

SHA1
3cf895d0acaefb63b0273f7c9f8bf1c52c91154e

SHA256
6d087b85eb07f084867ec7fa906ebf295381c81e1393d66277d75f8ecf1f2937

SHA512
b84223b4a3a8300b1ebe3a857b1996e354b20b8251c6f4622c157cd6568a2295489836e1b9e11247a671ed16c4f4048ef2a3d698578ed47257fa73ae0acd5acc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
f5603a5a8dc92a12cf59ca73e7f0f787

SHA1
f2537874b78c988a32296e690c2f7f35f3665842

SHA256
180e484602de4a221f575cc8c1c1cea36c3930cad7c0cfab6f792d2812350c28

SHA512
7ea2dc5668e6d52984c87d52a3eb0060ceb98083a175207153fc0a11e844bf266e76143429ccb2e0fa5efc1311267f3ae77d90afb5b67cfdbb39a902ed545765

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
038304a2c0a55a8a628176fa756e29f4

SHA1
0234a65cfd4e1cc04870cc0a89929c2093279bf9

SHA256
a7d5a8625be752a86969ecfc13ba76e620e2835c7a99eabad1a9a589e54d51fa

SHA512
813b64f0bd09d3dbb50e871086b9bfb89b01989416863cca1a2224a879d21393ef5f79d57de56687710ead86b0b7c3980d1c353c9be9b22d2d0704bb61c6d393

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
da58b6a9b9f535b2e82302160ac50bc3

SHA1
a97ec0b6267177829266ad53509c2b3e70c13909

SHA256
0a7cd84c389e8e97db7da9c80f0d77f8377a800c4e8562a1afce1ba6c9741a5a

SHA512
2bdcacc94cd4dfb89b5127a56bf7f92b0f3ba7ad9b69025ca12d55c8490726a07b31744f0fc71d3c9753082e2d26488f39861f7079ebed67877a0fcd4f7615e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
866b81649fcb45039ae28cb219eb57ff

SHA1
97674153242f77b957f1bc1121602b54071f09c9

SHA256
bafde4941b4f380176266818e777960f35d01aae7ab62a96f92d0eba5a68627e

SHA512
fd6968bcd06644a49e0016ec2c1de8c47e251228344d4361451080864441d78be1d31f8a223a91790ce24d67220863ecfa6fad51100c54b42785cafd70fc0494

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
0d984cc69f4e0cb2f1fd1ac6a2aaa237

SHA1
79325989fa79b68949058dda23fc56cfc6b0cc0f

SHA256
48bffdf3abc174bbb145f45e5b260c9b31450dd6056763c4a4192d64788a7799

SHA512
d0aaaa553115cd4c27d4611a8abc0734639b0d52e22f36b0ac8e87ee403a21a48794751af485dfbb73050ce5eb93ea0bd6b3ffc09fb52470f282b29230fa6e73

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
269c576b375cec7902824adac308f20a

SHA1
28d32fe07751b0bbc35c2cb87242b2c42fe556b3

SHA256
6799d515f1d070db60bf08103ebac5bfa3fd522f2d06189bc11880d86fb33b19

SHA512
2521ccd81895418cd8f98cc620e462c7a66c5b488c6dc5a211c9f3909e4b17e4a07980e35eee54f4202f04eee0cf26e4a7f39ee51b983117677f0dff6371c138

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
3f399d96faeedc82c143854c49b84534

SHA1
bb55922ccf97c1a523352a196a9643a712daaa91

SHA256
a5b383b6a0a6287ecf129215b55185f488a6c9ad871e9e28ed8b04ccd2eae194

SHA512
3d3aaff7885a2ff0ced09f5c01769bb89324e0ec31c9a8d1a3a2c44cc086ee8c1bfa3f2bd6b2261b9c2d7781f8e850ea1c2528701b89adab5c4ca36faa6051b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
f6d17965aaf5393537fc5b4e866b0385

SHA1
a108f8ab510aee971f3b153af16944ecc69e4ce0

SHA256
7990f510557c8a42cf2b0cf4f8adf338ee95271ff6654bc40d4cc48bd8975cfd

SHA512
c01d0aaefcf72228aee2aba522e128d840dd6428556a72cd4168976b990f3bec195f5b3dab9def83fe3aa14ea35c78bf83bf4e07bd86662b5b304ddbd8a6c07f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
be378c238378d13cf38f2c79a1a21e44

SHA1
96a7c8f294ab719ab05292cc00aed86c5d8fc9c5

SHA256
1bc97bfae8c7a2e4488395c1660a2e2b61df03d1f6d00fcacfabdd572778399f

SHA512
ee7966ef92237756e696927360c167aa704278f6454a0a188c6e5142f5c6bb21a96b652c3be8e063078831c01f46ba61f4026daa408548771c2576bb7c02e054

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
662294a52219c42abc3f8950deeac6d4

SHA1
1dfc85a84059106f4b24089e3acd962ff383e80f

SHA256
488d7e34de08e382e7175e4d58b91db0060e4fe86738a4b6e4a7888bbea2e0d2

SHA512
afc5c94afe20fbadc69df23d0a89c9af50f4007db9e0c24a208772723c43bb24465247752563612ce20d1fd39237c9c83f2ce909585969e5a3eb29d8e80b87b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
20624dbf21ce34af930523122e581022

SHA1
99dbac864f8062bf59dd9df577fa8a9aec8338ed

SHA256
8cec6a0c36e1aa89e55bbc92f0d5744f50bee4184d0165ede4b2ccf8a716c042

SHA512
1bb1eb1baa502f7439ac1d7564cd31afa8c5370f24801b0a97083b44b1b78149d6d22394afc38a010530548d0ab487e2346d97386d7e7bc5f46de335c2ad6f41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
1c849aabd49f0d0cd03fe2496442cb75

SHA1
85696793a999a6211c6d637cc8052e6aa9fc75f3

SHA256
6e33ab11620e96b5e1f62d948a7cb53b28e6dcd1c4bcc1b7053eada84746877f

SHA512
1878ca92852078420628f2958686dafa275442ab33ed32abae849ce6b0e28ade4fdfc8b7e43f9187c7a00de38d7e20fcbe051d32a5d0fb9f500d1b4890fee2c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f148d1e8770f56f87b81442ecc8dc347

SHA1
fe843b2a9d56874ccba96c099d40280786d22b7b

SHA256
a96f574098f11a5722607db66cab57d82dda3c165a58e2febe77eb4c3d16c5b9

SHA512
e08b641b042bf3cf21900c516bf63458005fdbefd22e21faef09a1580227b4aaddc117e32d0081a99104c7e559b9cccf2f31a9baaf1add62786b9da0de26acfe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
c6e9ffd20fbe51f6818e2db92faf1972

SHA1
d499a814c1bafa708df25832b344dad0e39bee12

SHA256
99a08194c4a903c9bd3c0342a5c3768fbc9862d2521cca2e9c8d727e762ad797

SHA512
4814ef62d671d0a421c40a5a2c809ef4c4f476987b9c22870d3b612c285fcb5186ba7d287379a70c779afa23ccbe5636231530039271047fd9efbe83c4db7e1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
907b7eb43304e058441c1c7b7d699f92

SHA1
5c3c5b4fb6a15b2f89d855e02bcff5ba288a6eff

SHA256
7c79b3eb6d6a8bdffcc1510281051ed87a4ecb3ec57378591588296fecb966b8

SHA512
9ca65385f90047ce914c7ad662e713cf41f461af9cab7766355d7357820ea173016e8eb20abd7866e1756b3fca8bc0c2ef3cb3f5edd38c72f2aa4d5dd6db288b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
43774cefbad4d6a0011405707bcce0f8

SHA1
ae77770344f15308359a661378103cd8cade16c8

SHA256
50dd0ad4614231367fcf877ac52ea9f3631995c104b287ec7ff1aece30db13c6

SHA512
a0eeaa6dbf73af31cdac2b6030603b0d39c0e4ef3a1f126f25cfed0aea6f32aeaf692bc6f31f22e588256e0b8d77ab96c3fd42599b304aab5289fe2f737e2a34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
bcebe6e75ddb0b60d25d8ed4548650ce

SHA1
30a2b7ebc24c26449a4358761b5a6d7ef1effd9a

SHA256
91d41b273774583271566874d62ed7ade34fe629c374aae419128cafbdd5d85b

SHA512
adbfedfa5a22551db8435794be2f211d320f130dd70ee6f2e1a13b3d49531a04087341dcd0734d5b9f9c411588414f12e8b7f2364775c63c420d164f4178b6ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
5bdeb4a626d1b5c147d5d6d02f32440e

SHA1
0dee70e7eff51d99d5f8de699d8aaefce14ed69a

SHA256
cf1f2ba83c84af4049bf8193ffb2bbcbb83671345f7ca17d2167548e4b9a4287

SHA512
77c127dd294226d2e84b429369e552a82ba18170f4465ce062b27b1731373e9dd6fbe02105088cb7b7d9ac1fbf2da548aa59efae2f7ba11bd88653f559899f9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\598b0efb-e0a5-4f8e-983a-878876fa757f\index-dir\the-real-index

Filesize
624B

MD5
38a45b4e913082167570353714ba3ce0

SHA1
67cc6d91a38fab9503f686c8b5b7e7af36706daa

SHA256
421b9d444786f5e886988c856d616dd26d00200325d812c38275a3bed216168c

SHA512
f6fb0cd5ff1b2051bf49190b530b99719ef0539e89187d06eb8a5219aa6b7f674c5d25b7762748248f538678aee8827b1fc208c9c96117e765392ca62f346ca9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\598b0efb-e0a5-4f8e-983a-878876fa757f\index-dir\the-real-index~RFe581e9f.TMP

Filesize
48B

MD5
41795c4d27286659195ce7010f48a259

SHA1
13268cfe45f6ede9964771d6cb8f9578af414719

SHA256
cb1a3072b08c7ab3697f249f1fa6e095eb9afd3185444b82862f0bd2b0432ed2

SHA512
338371d60244755de93ac9f08cc2ea8e59982d98c9577856cdbc9fa91daddc44b4471354318b3fc87778eb40c355ceaba8dfa451f5a90f3c81da878a81280de0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e9bc047a-1d17-4f5b-8e5f-51f81a006d41\index-dir\the-real-index

Filesize
2KB

MD5
9998d0e1849f7443ea196fab71057ff4

SHA1
b89b92316e0b01278199f311b450f83db603b50d

SHA256
e1a81b30b764d00085fa5a5a81e9404c4548857c80360d33d2a34063b146ff5f

SHA512
a3fd479b4ba55c7e943486154eba7f03f25baffc7ec57d4f88f2c9e401f0e8b3b8098a383397be94416015b2229638ca666a2788086107666e6b24ff96d4bc38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e9bc047a-1d17-4f5b-8e5f-51f81a006d41\index-dir\the-real-index~RFe582219.TMP

Filesize
48B

MD5
ef30259fda8736fcdb4847a8a2da1275

SHA1
4235ec43f45c0ac3bbee87a9c1f68be32ee3db7b

SHA256
68ef34b960e418c31dfbf76883382f8e6d86f2b14ad907688b272b396e8146f9

SHA512
f25bd94e05e8e20dbd63c9063366cacf558f6e6b421bf9d213f5add84c183a965463d7cc79548edaf018fb5cf5a0ce1a7154a49b20f2c67ab0a2a44236575fdd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
89B

MD5
708497e3255719d9e2de81f7709efb2b

SHA1
9aa1bf6092c67be14b4d77552c430e6db7f2a9fa

SHA256
e031a20e00c3fc64a95423c01d38a370b29bb1eaed8953ca4e94eea92028f7d0

SHA512
cfda6e216d56f9c7dc64506a6a477ac712a4fa73eaeecf2208aa25ac569f19e31ea462ccaafaea18fad38c02e07d7e607e44e2e57290877d1c4efab8dfae82ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
146B

MD5
2188b81b37bec547caa0ec4c490b24fd

SHA1
11abde71c0d1a02bf26fd6f84caa94e140576806

SHA256
bb5409310cebe4e6eb050e34dba43e01b691245f29f886829440ea88320cc22f

SHA512
68d0499d9f767fc151586bc04344a645ecd90835f7a6ac35f302c3872d6ad64faf60e1d83a9838ad64a0c362527ab3538c8f79c51957bca995fa1cb740ef1676

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
155B

MD5
3b55898ea91f88792e72d81b3aba7ef7

SHA1
de3bbf72794b2c6c329b8fc30c3acc764b863ea6

SHA256
5bfbb306421862a2b1e3c4cbbe055428858ab47782f30b2485768de3538e12d1

SHA512
41534427897803af14d8fb6ba6ecffd7ecc4dd90772ed1d1b78130151b4cde8bbbf97fa2b7c7d23226f15d5cb86a900f1ca94afceed5c4dc81a1be94f5504b0f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
153B

MD5
a2703252cb5287f979dd9635be84c87c

SHA1
feec35be1fcd9f498d95e6a93d8a488e48e17a8a

SHA256
05b2639125a3d7adecdeca1aec4c77d4c32dd5e67d772ff9f56c0a1a0703a8f4

SHA512
82ce82d87cd92ab304130026d895160b5b4b2beeda6d0f92968400c96d66b026bf3c603c6bb5eb27fe1f862fdcd3bdc8e694ac370812f0bd1c834e9dc4e30e3d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
82B

MD5
c1ef3d102f235cb29de57cc9c2849916

SHA1
aaf968fc75ec3adebabf5df36ae0c9316ace3def

SHA256
218d05c2b28fd8dc7871bffa73ff40e6249389f21552160a0b5bdf3c789a9341

SHA512
8a9121f3e5a4bf7f53c8d2c39e9156544cbeff17911acb1c28485261b20d26784e1c3066105f7416f5f4c9c168c11c83871846ac8eb13046ae0cb95cbd3dbc45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
192B

MD5
a9206dd3fef230c292fdd591ac9e37aa

SHA1
2c6422952b6c0eeb9aa585ac9b47e7b2a1aa1c84

SHA256
f4dc5335d5d9bdd81853a2e7bdf41ce216d7b56ee133fc0bb434a7b3e0c3fad7

SHA512
66da5c2703fa6dabcbd5aae420bf06a0a92f600175566b453ef5dbea5d9e58a3b9e965d864fabdd85fa9d8c9737f76f11751e56c80375b7bf68da4760e170b99

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
e9f7dce5d07c658ae0f5f735cf726d58

SHA1
3171f33a8f41dfe98a733716a7dd3e3a26a1d8b6

SHA256
2a37f131e483be9f3fbe37077e21182b9cec089a53e1b612b4df72319cc5137e

SHA512
75427f6910af3753ecd4d8d22e117e3dac098673e76ee98dc13f46fd326c6d9ecc140aa43db1050b7f23b5f94908ea4d35426e5b009551d82b2725f103d8b4ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
168B

MD5
010a1bc169835f7a9a416ced20ee8e38

SHA1
86e071b57e99a3b3ccfa02273a651fd86ad7e486

SHA256
b6c1fa1e4956d824f22f76b3ef3a878d81a3acadafe5e85169375c30de5c5904

SHA512
53993f4cd04df9ee2364af476014c4b945078a62c896bcd8adaaaa28c6c710c5f25e4087cd73d723bf116afefe070124bb985fc8fe39b169cf17f785abce88bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
cce1f315a8df9116cc09a8e73c1af498

SHA1
2fb0f034ebd05d324bbee639e324f85ec5e3988a

SHA256
d6cd16a6b0d20c29b43df19bd16e46c98ff68ad78a1409f76f569cd59209c9e7

SHA512
c8b1c45020c136fd5266fef80f7b2a3d5247358ea474a7a63dc863db52b67e191278cf598b44abfdc9a7116af1dafe8316bf71545a51adbbd1acdb29e045061a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58178a.TMP

Filesize
48B

MD5
8f064f276b71d5fd675db8ed2611a436

SHA1
661a4e10bef67f3d3dca2f5f361df244361fd132

SHA256
ca1e44915ca04460f2e35f983be45a0d1eb4e6f009dce4c6bddc829a4e68cf63

SHA512
1a76237392f4f39c410cfb05f344c54e0295759d56a6ecad83dbda1c78c2cb32cce341cc776f382e2ff4359807dc28dc6d55e5549571fefa1a8ca7003fee0585

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
842d440a03bd3f421212c34cb3d480b0

SHA1
ec3de1d3984881e73f24bab383ac221b1488e988

SHA256
152ca8a482ada1ad123fbf2b2b8f7e3b3a2354f664dd8e457161919c1c55663c

SHA512
e23cde960148f63bb96413c4d8093f48cf910acce676f659d05f74682a6b6e5a31e29dffce46ec0eea5840e78d405b8c8b078d8285e6747494e830f7af40171b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
6e73c6ffc182770a46e2911e47b188a8

SHA1
99bd5f4fc6554de1c8948c3345d6330517cef52e

SHA256
2de829a05b833ebec2779e100227ee48fa05ecadbdbb060aa5d9f53c0014f2ff

SHA512
90913421be1296ba6469b62924620f6116b060f1846c1924aba34f595add5b8b3f4617b7cf467af013ec36047a01b888f488fdd0798f1f61b698840cb5e26ebf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
b1788195d153eff417282c042f885828

SHA1
17521d9307eb4925e41695356fb653bf929d2ade

SHA256
e7f28259df02d10129d13e9c85165997349dada18c5d198fdc4b89effd51b97d

SHA512
53a7c0f6389279e9033b7a5ec0560d5c56982ef52974ea6d4d031d880434e26d7896b7d2804e35afdaa45f223dbc7f467c8e1d3a7d84fee3fc4084a72e2f3dcd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
ea9772f32914c8df89792fa98601751a

SHA1
fd765bcd7eac5efe984c0eaacc7dbaebea5763fc

SHA256
ed2bfcce28adbf900d8cd9034462ea68eb7954c4da72550b0823dad10f219be7

SHA512
1967d0cc0d59875187c935687362fe40cb504d86a1d88fdc5c528292cf1e7442e0ea6228208ebaf2afb4868e7383b582dbcec5ba65e5246c476ce54059f25551

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
504125d33fd9f9bbe353a6dfb0b78171

SHA1
9c301bbbe57d27da21fbf03e69e03abd17e02776

SHA256
667295f37c36f62345e4e7fc31ae64b3e3f213ec7d139e73d68bee0cdc1b0203

SHA512
e4b6904fe3aaddeb092027e8df25a2bb8f61f19aca2c63ce83e8f01ba823f048c64d761acc045908c0a0907c25e77a3bd576392c2803d4ad9115a709b377f083

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
dc9b9175bec9ddf9fdc4d680cfc28756

SHA1
a70f26288ae4d22734d22df285c4f1207ac106f4

SHA256
e428519986c270b1cb2353fde9ddd94c6873214473083992eff1f934234c9d68

SHA512
2fb3ed4b03e5ae0592b4921c67787f6a3100e99330b800fad5a280974eefa7cfd22dd5d77e85b668cd002c7af78f5fda639ce8085ea2022960de2fe691d29655

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
d1bb1f3d5bb5ddbc2eb99eb4b4f6084e

SHA1
20ce3a2ea81570ecda4343f60426a514f39e5aeb

SHA256
2bcf883faf351a3977757121a94ec5d87477df52288fa6f2c5902e94522264c4

SHA512
87abca295561b5b99808cf5fb113fd729b17087f7daef9c83a2840faf4ad0071d0983ad01fe1b5479ffcf198ce4b22685e671dec08e3a152fbab766eae858b45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
5370ee64700f36ae42415be2014a84e9

SHA1
b2fbc85e5fe66ebb7ae698d13accc3727bc012e6

SHA256
3a18855d9e3085ce7f06761ef09726c4cecf3c1ef8409a82c900727164f65a02

SHA512
89104121cda818471d4050e2e803f285574b5cd2bba445510e3fb0c32cacbb472598fee370eb311969e111e13d6f87b1032f7c9c3316ab0dc76aaae5c66407e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
5f8fa030ce012f783da45ee4ce2333f6

SHA1
5ee402ebd87e8da3a5a96ce534ea123f5b99902a

SHA256
43e03272d2eac961c1a91dfbd64cb29d7160a39f2615d6e664d0c65634eb5c53

SHA512
f85757807d0d1a94ccee0323e4a7bc8f471c785227ce55b38fdbbd56121921193c0c7fca05bfe89afd9dfc0e9ae988885d4445f6fc9c1aebcd88512681afcf31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f2254985a784ee542fd3849c375c01b6

SHA1
f0b4018fed60e6f1170ceed3460952b62f6e5ce1

SHA256
fc7e63295e62d74108903fa72a844ecebe75db8e573eb43d5570ff7819f9be17

SHA512
ad2055ce729344367ddfc5fa1c88c22eebe930ba071d7621cff533d5c8cbce11e252c9a759aa7258254a3b7f55e4d6725d7728e69be69ec522495f632cea7201

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
2402e11ce2424e884f78c7b139c4c1bb

SHA1
6497aa2178904e9cb02ea50692db18b305efc9df

SHA256
9beb00bd320d75351ee51866601071938259ecd1834315bf7202d5f1a54317e3

SHA512
b32f7317d3ba3046f24d2997e1156a500d394de057d8166dc109a0521543a84b2122998670b4c66c699a016443cb2061cc8561d51694106e46db37fa9cd9e727

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
7292832561f9dc399765f8d2dbcad7b0

SHA1
bec83deeb937e4225b81145d52633917e6a71188

SHA256
5c913c70d9459c287ac5e4c68f7b15edd9372408aa6887967db60f8afad7d18c

SHA512
23984b699dfd907c5c7b07cc95c358fc4f2fa217b1e16367ea8559b576a8d9491094ebf9f7ebf3afd308e1e2586c927f03fbf9c311bf1fd3a00707e2bca91c56

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
eff46c5beb33a17745569333f1a69857

SHA1
8f71dc2777e06aeea3f5e6cae87717c443bcf49c

SHA256
82dcf33ca43f57986dd827a467d5478b1433abc4ce3329ffcc5f75ef0f00c939

SHA512
8115809b675270f2d12ebec522f46f4000a3df4dd566a0b2f639b08ce408f1da52775a43922b820c7986f8c91bd82b4be5895e3e21ac9afd1f24d71e6d1faffb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
ba911eb4355ee6cbb44d04d7aad8d303

SHA1
e9f3ff1f52b98fb836b24fc1a7b03342311c7bef

SHA256
3e542c7844ba4ef5afa92aa45d53a2e0bacff2addca099605bcae2155dd0e39a

SHA512
d6a04aada7d4d871ddc767afcfba6ab8521f8c4e747ca1ba55e3b0fb88cca9c399a72c992ee512670c46053d2cf7f8aaef1fc2efbd64e2cae4d12054362c70d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
9ac9b0236eb6ee684403a7c3e64909ee

SHA1
ca6f63347fee1fbfbd01f2c6d90f29716e31717e

SHA256
9549763f59e07597c68ba43e5fa3b4bff3e9b02a5fa37e22944277ba0130342e

SHA512
aa954a684c168325fe84f537d037bf73ac017d3ad4443d8c395aad7832ba576ed1d43ef48386b25f2eefb78d1a1a9ae458cd064f7c5359249d4baef375d2078e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
4b03bfe664f729d940c48d878e5bd65c

SHA1
020252575216c726c24f2d4b98083b14f1b4964d

SHA256
11e719768320357567e1873f86da0abe9330863186452572e967286519727421

SHA512
5fbf8492d4f4a67cea8f7202919ebffb560bb13cdba830eca161c549eae9e8fbba8e6894225498d31b105353e15f5d12e6ef9564dee43553f5269283d5ac0aad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
8KB

MD5
544f4b0b0d504d571425a4ded371257c

SHA1
810413d5d08566c221fc9bff18abeb8cde40980e

SHA256
15e4b40feb1991e00bdf619b7f93e55e12693991225c81406b70d53e27aba3c0

SHA512
b83c09614247cbb402f6f9ef597bbbc99563d56a0d5228a984bfa40206849244ec7da44d841fdbeef7d8a9a0631f0e3707d187054a2be08b329ac44f40bca57c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
a6f4569234fd964b2cc6625311531f27

SHA1
63eb37b992328437f32c28a91ea4e9798b6eaddc

SHA256
b06c38a9f5d6888e998bae4fbafe423bf848f34e8a284349d2acd7ef1cd236f5

SHA512
ff84f759977ecc0d0639161821f1bb2c936b3540c5ab9214b419b64c80856edb7d67033bb57df024caeaffeada91092ebf3e0c1b031da3a07e789c2048842e72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
8KB

MD5
137ce46d1a636512afc8524721c8bc1f

SHA1
794aaac9ab3774da333ad92500a78e09b169dc2f

SHA256
a1f49e177952636afa4f98110a35259c9fed8cdf08aadd30eae536dc25faedf0

SHA512
6934ac926c2b507d85bc9707f5bc52db6d533f44af0b080a3b1e4958a223cbd1704e35413005e6835a0197947f46da445fe93dd5de809fc659591eb60c4d3274

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
5caaedb57d8c0aea9862995b44e6e564

SHA1
b99a641f84ec69bd80dd74d5295d99ec319c51d1

SHA256
501ed3b6f042ef73b0d2fb0eab9804a28be2d25499bd966b85f7d0f75f358fce

SHA512
10b77437372774a087887c21ef4f630ff859cee9263affc49f40224fc306dbc13cd425397f5eb1805d55c9f8247c9dbe48d7b62813f2b0ef279ded9aca332c34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e251.TMP

Filesize
539B

MD5
d17cdd487c4791bd5b49479fff12d324

SHA1
171a0cb331a907340e33cccd7fe05c1dfd54099e

SHA256
e6cf722396855d09edda98c8b4520e374cc87374629229ab3ba5b70d349f0d8d

SHA512
80372c12d2fb37a490448d652c3452b93b979cdd4899a6288af3b27b9532ad09ba24533f8f4e6c8186c41bce79c23683ddc4a35070a2e75a97fb5354dc7a195d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
2f554c3138a421f2cdaee23569abd3e3

SHA1
c7e108173c7ce53c4754a9d389978effb266e610

SHA256
c4e76d24b252f4820c297d5b988945d4479bef0667e115a0ba626843e98bf98d

SHA512
af075dc605306d6d404aa5846ca3f0df8c20d3689392a764778243a3734d1aa13e0b57151a0b69c123d0d5bc80cfeb9e2c14b8bbbccc9ca682190f5b12e3b896

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
0cc9d86c924f0e8438b60e468c63d6ae

SHA1
998ea03cededa3ecc60f10f810e2c5e11be8c08f

SHA256
4aa83220feb84fde152c450828d8caf376f9036d9967d3316cb97a41596d22ad

SHA512
3754c5baa00093e736d3ab70ab4afec535ef6f07796d76b717c73fcc1f08780723cf21ab0bf4a17ec9e09675fe1a6eb86526f2b0d021fd65a476f36fcf890be2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
1ba66ac551bc38f7b5b813f30cd60e8b

SHA1
1fc95fec2c59bb4990398d2ed45d53ed9d3be8dd

SHA256
cf0ee5009a0f9dcf9917ef04d81b88cefee905f95638a81727bb34e95d59f2cb

SHA512
750b0a9d1c14e36822254e0a37fa1267ffd5f2e2f788011a22abeacb129e608ef6c88bedc373bbee122f6810b4a77ab55f6888c6c7d0b1cb25158cad6e4475ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\D9AA17.emf

Filesize
5KB

MD5
0ed5bc16545d23c325d756013579a697

SHA1
dcdde3196414a743177131d7d906cb67315d88e7

SHA256
3e430584cd9774ea3b21d8e19b485b48212fe356776158dd5f3c5f63a5bde7d3

SHA512
c93072d11058fa50e3b09ff4da9f3dbe2637c2b5df05e616bd8ddd04557ea1e8b0db106b1545fad334619118c467776f81cf97ca52d3f2fcbbe007f30032b8af

Download Submit
C:\Users\Admin\AppData\Local\Temp\TCD912.tmp\gb.xsl

Filesize
262KB

MD5
51d32ee5bc7ab811041f799652d26e04

SHA1
412193006aa3ef19e0a57e16acf86b830993024a

SHA256
6230814bf5b2d554397580613e20681752240ab87fd354ececf188c1eabe0e97

SHA512
5fc5d889b0c8e5ef464b76f0c4c9e61bda59b2d1205ac9417cc74d6e9f989fb73d78b4eb3044a1a1e1f2c00ce1ca1bd6d4d07eeadc4108c7b124867711c31810

Download Submit
C:\Users\Admin\AppData\Local\Temp\vbhja.rtf

Filesize
816KB

MD5
3723ed47f56ce2be5d1f6942cf6f7b2c

SHA1
e97eed2f33fb3804a326725f3510cf93d97ad05f

SHA256
3105881ea7cb2db9b1fcd0945760a2ac0165a21a2df0aa9dd81d9b82cfbf3194

SHA512
bccb7de37acabed50ff6d3b106abbfef0852fcd8218588540f14404bbb57f5e4f46122c7c04cf9bf33ef1e5b7a648c38a667a1dc8572b0ad974a1f2659a13dc2

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryEN0409.lex

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\fb3b0dbfee58fac8.customDestinations-ms

Filesize
1KB

MD5
ac7acaefe7d71cfcba9b00e41f294b14

SHA1
92af5a2bf9bb770181b3e71a57433592ed89a1f9

SHA256
7331e2addea93c7be88454bf77639693f64e5d4d05fee210cee123b00b763f74

SHA512
018fdd0cbb23f9e7e6c0f69aa6ea732aa537ee33c09e58e19e402a80248c79cff8acbd4cc7ed1d088201f9e90a2ed9dd5842432216a0c24d39e2db154a6a29c3

Download Submit
memory/4460-3203-0x00007FFDA9AD0000-0x00007FFDA9AE0000-memory.dmp

Filesize
64KB

Download
memory/4460-3208-0x00007FFDA76D0000-0x00007FFDA76E0000-memory.dmp

Filesize
64KB

Download
memory/4460-3207-0x00007FFDA76D0000-0x00007FFDA76E0000-memory.dmp

Filesize
64KB

Download
memory/4460-3206-0x00007FFDA9AD0000-0x00007FFDA9AE0000-memory.dmp

Filesize
64KB

Download
memory/4460-3205-0x00007FFDA9AD0000-0x00007FFDA9AE0000-memory.dmp

Filesize
64KB

Download
memory/4460-3204-0x00007FFDA9AD0000-0x00007FFDA9AE0000-memory.dmp

Filesize
64KB

Download
memory/4460-3202-0x00007FFDA9AD0000-0x00007FFDA9AE0000-memory.dmp

Filesize
64KB

Download
memory/5080-3353-0x00007FFDA9AD0000-0x00007FFDA9AE0000-memory.dmp

Filesize
64KB

Download
memory/5080-3352-0x00007FFDA9AD0000-0x00007FFDA9AE0000-memory.dmp

Filesize
64KB

Download
memory/5080-3351-0x00007FFDA9AD0000-0x00007FFDA9AE0000-memory.dmp

Filesize
64KB

Download
memory/5080-3350-0x00007FFDA9AD0000-0x00007FFDA9AE0000-memory.dmp

Filesize
64KB

Download