Overview

overview

8

Static

static

1

1966720.zip

windows11-21h2-x64

8

Analysis

  • max time kernel
    787s
  • max time network
    823s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241023-es
  • resource tags

    arch:x64arch:x86image:win11-20241023-eslocale:es-esos:windows11-21h2-x64systemwindows
  • submitted
    11-01-2025 00:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1966720.zip

  • Size

    86KB

  • MD5

    520e42d3b14b3f5721e6aa62d7d78f67

  • SHA1

    3d20858589d34bc27f5cb22021bf9c8d0895afc4

  • SHA256

    d82406d65c69fb6ed111e7aaf7df4e7b97fafb5a2c904cdfa882a6c30897c4ab

  • SHA512

    de08ebc28b2f87a37368cf2a9fde3679ab85c54566da83bfdc62f7b06538bcfed1bb05662bb5626c08dbcabfa0c3f71dbfa314ef8b7e5985035553ec18a42dbe

  • SSDEEP

    1536:7vq3hYt/HSALYr9aE//iIXIyG50zncpV2HS//JsR3GHmCektL9Qwzs+lRfnNnEgs:7fBH6V/iIq0wAHSXqWGKkkBzfNEm2

Score
8/10
steamdefense_evasiondiscoveryphishing

Malware Config

Signatures

  • Downloads MZ/PE file
  • Detected potential entity reuse from brand STEAM.
    phishingsteam
  • Subvert Trust Controls: Mark-of-the-Web Bypass 1 TTPs 1 IoCs

    When files are downloaded from the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier with a specific value known as the MOTW.

    defense_evasion
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • NTFS ADS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 14 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 27 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 35 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\1966720.zip"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:4404
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
    1⤵
    • Enumerates system info in registry
    • NTFS ADS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4340
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9d3e03cb8,0x7ff9d3e03cc8,0x7ff9d3e03cd8
      2⤵
        PID:3732
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1988 /prefetch:2
        2⤵
          PID:5036
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=2308 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:344
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --service-sandbox-type=utility --mojo-platform-channel-handle=2552 /prefetch:8
          2⤵
            PID:4312
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
            2⤵
              PID:4016
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
              2⤵
                PID:2424
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
                2⤵
                  PID:5068
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1
                  2⤵
                    PID:1872
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=4864 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:1808
                  • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:2468
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
                    2⤵
                      PID:4596
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
                      2⤵
                        PID:4608
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
                        2⤵
                          PID:2232
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1
                          2⤵
                            PID:4068
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3492 /prefetch:1
                            2⤵
                              PID:1432
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6088 /prefetch:1
                              2⤵
                                PID:1204
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4824 /prefetch:1
                                2⤵
                                  PID:1772
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4792 /prefetch:1
                                  2⤵
                                    PID:1252
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
                                    2⤵
                                      PID:4152
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5940 /prefetch:1
                                      2⤵
                                        PID:4572
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --service-sandbox-type=audio --mojo-platform-channel-handle=4740 /prefetch:8
                                        2⤵
                                          PID:5044
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4536 /prefetch:1
                                          2⤵
                                            PID:1584
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
                                            2⤵
                                              PID:1048
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2496 /prefetch:1
                                              2⤵
                                                PID:972
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
                                                2⤵
                                                  PID:2636
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2632 /prefetch:1
                                                  2⤵
                                                    PID:1364
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:1
                                                    2⤵
                                                      PID:232
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6844 /prefetch:1
                                                      2⤵
                                                        PID:2348
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6888 /prefetch:1
                                                        2⤵
                                                          PID:4576
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6908 /prefetch:1
                                                          2⤵
                                                            PID:2028
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6232 /prefetch:1
                                                            2⤵
                                                              PID:4044
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6872 /prefetch:1
                                                              2⤵
                                                                PID:4780
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7288 /prefetch:8
                                                                2⤵
                                                                  PID:240
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=7696 /prefetch:8
                                                                  2⤵
                                                                  • Subvert Trust Controls: Mark-of-the-Web Bypass
                                                                  • NTFS ADS
                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                  PID:3852
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1
                                                                  2⤵
                                                                    PID:4744
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6852 /prefetch:1
                                                                    2⤵
                                                                      PID:2392
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1972,8071961280400049611,7590362921101369665,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6332 /prefetch:2
                                                                      2⤵
                                                                      • Suspicious behavior: EnumeratesProcesses
                                                                      PID:4628
                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                    1⤵
                                                                      PID:4068
                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                      1⤵
                                                                        PID:3320
                                                                      • C:\Windows\system32\AUDIODG.EXE
                                                                        C:\Windows\system32\AUDIODG.EXE 0x00000000000004DC 0x00000000000004CC
                                                                        1⤵
                                                                          PID:5028
                                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                          1⤵
                                                                            PID:2680

                                                                          Network

                                                                          MITRE ATT&CK Enterprise v15

                                                                          Replay Monitor

                                                                          Loading Replay Monitor...

                                                                          Downloads

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                            Filesize

                                                                            152B

                                                                            MD5

                                                                            5431d6602455a6db6e087223dd47f600

                                                                            SHA1

                                                                            27255756dfecd4e0afe4f1185e7708a3d07dea6e

                                                                            SHA256

                                                                            7502d9453168c86631fb40ec90567bf80404615d387afc7ec2beb7a075bcc763

                                                                            SHA512

                                                                            868f6dcf32ef80459f3ea122b0d2c79191193b5885c86934a97bfec7e64250e10c23e4d00f34c6c2387a04a15f3f266af96e571bbe37077fb374d6d30f35b829

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                            Filesize

                                                                            152B

                                                                            MD5

                                                                            7bed1eca5620a49f52232fd55246d09a

                                                                            SHA1

                                                                            e429d9d401099a1917a6fb31ab2cf65fcee22030

                                                                            SHA256

                                                                            49c484f08c5e22ee6bec6d23681b26b0426ee37b54020f823a2908ab7d0d805e

                                                                            SHA512

                                                                            afc8f0b5b95d593f863ad32186d1af4ca333710bcfba86416800e79528616e7b15f8813a20c2cfa9d13688c151bf8c85db454a9eb5c956d6e49db84b4b222ee8

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
                                                                            Filesize

                                                                            47KB

                                                                            MD5

                                                                            0d89f546ebdd5c3eaa275ff1f898174a

                                                                            SHA1

                                                                            339ab928a1a5699b3b0c74087baa3ea08ecd59f5

                                                                            SHA256

                                                                            939eb90252495d3af66d9ec34c799a5f1b0fc10422a150cf57fc0cd302865a3e

                                                                            SHA512

                                                                            26edc1659325b1c5cf6e3f3cd9a38cd696f67c4a7c2d91a5839e8dcbb64c4f8e9ce3222e0f69d860d088c4be01b69da676bdc4517de141f8b551774909c30690

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
                                                                            Filesize

                                                                            67KB

                                                                            MD5

                                                                            69df804d05f8b29a88278b7d582dd279

                                                                            SHA1

                                                                            d9560905612cf656d5dd0e741172fb4cd9c60688

                                                                            SHA256

                                                                            b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608

                                                                            SHA512

                                                                            0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
                                                                            Filesize

                                                                            62KB

                                                                            MD5

                                                                            c813a1b87f1651d642cdcad5fca7a7d8

                                                                            SHA1

                                                                            0e6628997674a7dfbeb321b59a6e829d0c2f4478

                                                                            SHA256

                                                                            df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3

                                                                            SHA512

                                                                            af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
                                                                            Filesize

                                                                            19KB

                                                                            MD5

                                                                            2e86a72f4e82614cd4842950d2e0a716

                                                                            SHA1

                                                                            d7b4ee0c9af735d098bff474632fc2c0113e0b9c

                                                                            SHA256

                                                                            c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

                                                                            SHA512

                                                                            7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
                                                                            Filesize

                                                                            63KB

                                                                            MD5

                                                                            226541550a51911c375216f718493f65

                                                                            SHA1

                                                                            f6e608468401f9384cabdef45ca19e2afacc84bd

                                                                            SHA256

                                                                            caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5

                                                                            SHA512

                                                                            2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
                                                                            Filesize

                                                                            26KB

                                                                            MD5

                                                                            5dea626a3a08cc0f2676427e427eb467

                                                                            SHA1

                                                                            ad21ac31d0bbdee76eb909484277421630ea2dbd

                                                                            SHA256

                                                                            b19581c0e86b74b904a2b3a418040957a12e9b5ae6a8de07787d8bb0e4324ed6

                                                                            SHA512

                                                                            118016178abe2c714636232edc1e289a37442cc12914b5e067396803aa321ceaec3bcfd4684def47a95274bb0efd72ca6b2d7bc27bb93467984b84bc57931fcc

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2bc943a1790841f6_0
                                                                            Filesize

                                                                            2KB

                                                                            MD5

                                                                            8e49ca2fe3379223f2226fe6096a7925

                                                                            SHA1

                                                                            9b8834593b2721b288e63efb18b32787361325b5

                                                                            SHA256

                                                                            5cdf0eb4783ff75b4f492b8b8238398849d70612eb6b2312b4ee8c3d4c9af774

                                                                            SHA512

                                                                            6ca5867ad5f7cfb43fa60b9936d7a4e9a1a5f120c756d8b42096c52c5373bc04e1478dad642638f303b5d03cf835d8c6c55390402a06834760de6ba00e5940b4

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a638543fd8211f50_0
                                                                            Filesize

                                                                            4KB

                                                                            MD5

                                                                            39ca99aa539dfae3d87760a7fe465f0a

                                                                            SHA1

                                                                            3f5440496aa312036c038a6aa0a5539bb5d81dc9

                                                                            SHA256

                                                                            8c7915e732752ffe4edd2e39316369bc264377eb4964172321e230a8d3fab8d7

                                                                            SHA512

                                                                            2831b775a2e129162fafca98304b211d4ef360fc06c0ab5493d60839918a71f5558931fda0afcab31827ae2ef06e073087210908343d538288bac02d893d4912

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f9c9a2d639d72bb1_0
                                                                            Filesize

                                                                            14KB

                                                                            MD5

                                                                            aeda7f9e1a9bf1fa91cc3b74b65c33bc

                                                                            SHA1

                                                                            11613e07d4114a59e77b413113a448de2a70d359

                                                                            SHA256

                                                                            7b42889bb5eb31d24547aa39ce87802d597393bdd4c3a91d7c2582b94b88c3ac

                                                                            SHA512

                                                                            3a6494254742f7d69a7911bbd470b64f12059bc27d336a0d97caf41d811aeec173eb1d5c8dc7b79732dfedc6e9652e2fb1f51f92fe919c87cb41212388f85b22

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                            Filesize

                                                                            4KB

                                                                            MD5

                                                                            09c7051bcc05a83ad65fa4ff2cb8bcb1

                                                                            SHA1

                                                                            e434bf52dfabbfd23cef94268b8277cdb9019d6f

                                                                            SHA256

                                                                            fb85a5f373f5ad570b9f3fe2b5b02cf7b1c367263946856dc03e013730043933

                                                                            SHA512

                                                                            f6109b9fe209431933ad60d1473928a78956e9a279bbd687963dce211d149b1dcb8170b84d46931f8fcbfc02344b7e9151aedc4fa952494deb50689531ed8c7c

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                            Filesize

                                                                            3KB

                                                                            MD5

                                                                            32c11e5ec21286fd694a70b91276a41e

                                                                            SHA1

                                                                            b59d5beed31b7fcad5ae0bdbe1f40a596c1feb56

                                                                            SHA256

                                                                            3d4477fde7ffc55d40d65590a71081563384c02bf0e82cef56caa95b347aa894

                                                                            SHA512

                                                                            b6b06b4f3972f8b319d7964cec29b53595cf9d1448fe2d8dd8b5fc6bc3192d35614124e9bdba7b9ab9e38a9d8f2180d754e7159893035c450e7f475531406266

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                            Filesize

                                                                            2KB

                                                                            MD5

                                                                            e0329b8aa5e533906ef2fc1d9355d569

                                                                            SHA1

                                                                            4b46480f6539e29acc0e47386421057a88603a89

                                                                            SHA256

                                                                            fe98108dd1741236ae3750d31ec5149da0e2d6a9432ddc962a30e4398e62efa4

                                                                            SHA512

                                                                            a995994a76be199b2ab20488abf384fd4ef276437626856ab98ad5739db242e4439b19d2b35affdde0aa86144a062ed99e049bd942acd54040c53899305fd8fc

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                            Filesize

                                                                            4KB

                                                                            MD5

                                                                            7ebecabd94021b5ea33353c73f726981

                                                                            SHA1

                                                                            d1e2a3e91be72178d77b3139b1f2760327f16667

                                                                            SHA256

                                                                            38fa986b2b6ff1c02b36d3d108ddbdfc3a6e7bca46801de6de88fb2cc5a08c95

                                                                            SHA512

                                                                            8d02982d33defeebcdf6fe616b895fb6ccb8d69fbe39e8764fb2284930f1d6405c3a428e799bde69617587d47a6c7eec054094f03bfcc4362f8211bc6a8ebfe7

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                            Filesize

                                                                            4KB

                                                                            MD5

                                                                            3f349503577a72ea91ef231a761a2cc3

                                                                            SHA1

                                                                            65a20d482d9054e5227a9ff527de6c2005b71c00

                                                                            SHA256

                                                                            247cc65f91e270174001d6996661f90641e6b8f35676e7f6716dc53e74f48d5d

                                                                            SHA512

                                                                            411d57d32332a7f7f49c9e74b3d9d9e632b637d57319b7f95fc1da5ce9a041118bf64a26d1189bec2a9c1b9345ce8d3685c3f32ebd8b558a1291a07c1d82abf7

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                            Filesize

                                                                            7KB

                                                                            MD5

                                                                            4abc8160bd0b1ff7e3768d658bcf3c6e

                                                                            SHA1

                                                                            23f60ec7dbb1e583e8159e446ea45d19b5c2ec61

                                                                            SHA256

                                                                            061f4707c6753927ca74bba4d427c57430b4739a29e3ecfe1ec9f667d1d8899b

                                                                            SHA512

                                                                            6d72c31ff38d56e43bbe7eb78be6c29815bc720a11779bf520e5b6992bd4b65890351bf12868b5f1d2d64be29396fbaee9d548cc3d8c7a9a9a6f5099d585e0b2

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                            Filesize

                                                                            7KB

                                                                            MD5

                                                                            88af613f5dcfb57e6ed138613a3c3b03

                                                                            SHA1

                                                                            9a40fba89c920a0e592c39a3876e79bb09d10770

                                                                            SHA256

                                                                            1ae05e5b1b402d72e503591acdb4967fcc73d88abf49bdccbd9284fad3dc3794

                                                                            SHA512

                                                                            f04f22dba819359400c97c6d34d0eaa3961392cf83fe295b9ec562cad58a4d68fad1830a1b693fe59ce2462b0fea6acc96eccf10f1ce8adca383e05ada07f08a

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                            Filesize

                                                                            8KB

                                                                            MD5

                                                                            33d236f59b9864167fba610eb203455c

                                                                            SHA1

                                                                            b14bc597456c44c5a6a95cb939db6c8286df4469

                                                                            SHA256

                                                                            94431b17cedfb9f1f484ca01d4d74f94494f47053d3b25d4dc8fb10dcd6623d1

                                                                            SHA512

                                                                            188fdeffc8c4b256d37f2f3099aad33bd0784c327890fae5cb02678021ff51783a8b1c30f8888be5f217cf909479feb3dbf042e80c8aa728e25431931d7cc90d

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                            Filesize

                                                                            7KB

                                                                            MD5

                                                                            3d72dbea9e776b6ed59e96802f29b30b

                                                                            SHA1

                                                                            d6a4e270a8155544e021a331b5d691e7ab83aa9c

                                                                            SHA256

                                                                            eb80f2d89d27017dc5caed9002dc8bd9b9236ff161341944208119582a844dc7

                                                                            SHA512

                                                                            4a22ac1ed2a2e5e3ecbfc82f3fb5ce34eadf18722e89670bedbda8779aa317a66ecc88bf92ef9f81b57560e6ac645029a25bf7e5bd96e55e40a8c887ff778546

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                            Filesize

                                                                            8KB

                                                                            MD5

                                                                            f2c35197a3393f54328c64a6c96a78dc

                                                                            SHA1

                                                                            434310679fdb23120ec4bee443e0845ded445e9b

                                                                            SHA256

                                                                            55d20e25d35318b986a9ff801cab58c93b78613f3d055b2c2d4f3fb74b42d7a7

                                                                            SHA512

                                                                            a69ccb3413279197b3dc3938cc141bb43e9560e7bd024412979ca340bf14d43f5e975efdf1f667cc1b38db0705c6fd736155e088f92d0cf55c51cab3c8c22c57

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                            Filesize

                                                                            5KB

                                                                            MD5

                                                                            e2c4ff975e47c7276b6a13d549cd3380

                                                                            SHA1

                                                                            37ea2ad23f2afd2fd7c60ad74a1ab702cf1ed7d3

                                                                            SHA256

                                                                            8e7b69ca80fdae0c363ad587cfacd408b0c187fc2bd68e56b02bb503c37c32fd

                                                                            SHA512

                                                                            8f9a17804eb5fa9b67c54708d29b93be573434a57a84b7eb4ceaa83e4be84944400aeb0e08a2c82e9e80cd8b0c400f6991d0454e38849399de75aa638b86203d

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                            Filesize

                                                                            6KB

                                                                            MD5

                                                                            b6818c6174d79cb0bee532b36ed1c31e

                                                                            SHA1

                                                                            b31fbafadba85e40a22cda0331a98b86292f4edd

                                                                            SHA256

                                                                            9a92ffe533558dec56ee84023092db82555d397c832b6873c1baacc09c01d874

                                                                            SHA512

                                                                            f831a0cf6a4e881d772d543b3e916284be3609024faecfdfdf93c6ee8a1d7a95dceb13cc3bd515ae3cf428c22320167d52dc976b3d32ba89e7ee11aaabc8e627

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                            Filesize

                                                                            6KB

                                                                            MD5

                                                                            7db32567a67589eb9af64e93210a92b7

                                                                            SHA1

                                                                            108da1532cafd7c7b22a838bfedaee5a741045a3

                                                                            SHA256

                                                                            982742181b8d355737845c420a8a238780f6065629de613269a44418723b7764

                                                                            SHA512

                                                                            1ac69dcd14e5a3d0d7bb81cc333e991263934559c51cba34f950b0dda83d06939ecbb4b97f5d84a0c446b4e53c0fb5d6be0070de5ae0571fee104956ccc2ce0b

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                            Filesize

                                                                            5KB

                                                                            MD5

                                                                            27dc6a33d4fdf0fe0c3aaeb104bea311

                                                                            SHA1

                                                                            a3f36bb1f7067e04b2516b30db5baffdfbcb9ef2

                                                                            SHA256

                                                                            6893e5de9ddfcde298dd2c6871f2363f2b886f52e7bd2530b600456610e32464

                                                                            SHA512

                                                                            f338cadc7ac91e3061bc9873e216c1c79cef0115b733ce6bcd22ce0f0e811c4729564f851a1c896cb5f2814b07adb09bec38187a122b2d30f8e63472da54ed7d

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                            Filesize

                                                                            1KB

                                                                            MD5

                                                                            0ef7d8ff872509934f7068d4919f134c

                                                                            SHA1

                                                                            2a22c8ac0e010912081318180e2b61e843a7970f

                                                                            SHA256

                                                                            3ff589e42de4a714287460cc1d9d7d6323fbbae16c9660e44f7461bdf0432c10

                                                                            SHA512

                                                                            5be91595482dcc63f3fa76cf2e2a0bdfc7f0ab14abe6ec9111db136be4db7bb6a7c7d648a7aeb3fb45456e9d355a039a6a808d00f79fc2e924dbcceacb5b1321

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                            Filesize

                                                                            706B

                                                                            MD5

                                                                            54a6a3fbe7d807fc6a2e28ef02d9497c

                                                                            SHA1

                                                                            63c7c11c2512ad835286ec2f63132c578cbb8b5e

                                                                            SHA256

                                                                            ac99367041eb2ce5a21b4d16be434b6c889749df224863dffceb3238a8df9ed2

                                                                            SHA512

                                                                            c48492b482f1dca2efaff9459d9259b7387dae1d44ab953a47d0f134031f9957a2e17c12431270b5ada0f72f852f41621f0eceaa375798f4c9853ccc0484e0ee

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                            Filesize

                                                                            1KB

                                                                            MD5

                                                                            5d9dfd3ec099f48ac1c4fc63f2b21a5f

                                                                            SHA1

                                                                            857f0f9e71faac960823567262390d4630387bfe

                                                                            SHA256

                                                                            354e604ec3354f5a6399acb86349050103486af655666cd8061985fafe24af73

                                                                            SHA512

                                                                            43c17cd1e890f9617f18cf3e2885b6a79767946497454e7245322b27e2e5183d771e229e9ed42f5c8c1e7615c877161259f0b9b8bc8522ffecb3b74077db5e31

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                            Filesize

                                                                            1KB

                                                                            MD5

                                                                            823e0bb0665ba62f1995d3226d2f16f1

                                                                            SHA1

                                                                            b782c3535c0c5d6aeefc6f944ed5f4837866805c

                                                                            SHA256

                                                                            92db5040ee41e7fdd68ddcd4cddadda5291465bc6d449123db3a1200758b3619

                                                                            SHA512

                                                                            8844d87cd63cd794dc9cf1716bd29c80ae579850deff4da68278efb2fb61cf7c73828e0fd20013cfb133c7b7cd6a0a7cf877b899a21ae58dceb2a72605329422

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                            Filesize

                                                                            1KB

                                                                            MD5

                                                                            453ad53cb70c4a992624e5d4b79652a7

                                                                            SHA1

                                                                            712425d175f5dd6a35674dceb48f8d1fe2cd3f19

                                                                            SHA256

                                                                            718e3f7d9b2842ea0f065554fe07ae957e41051108608b5b0162a1a470a41f65

                                                                            SHA512

                                                                            831bf40c43d74545762c94c63c9053389c5e9eb7a64c0442c8183307984e26523ae99f18e8d9018aac65ac5060e51cb76f08ff2c8feb00cdb511663cb20646f0

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                            Filesize

                                                                            538B

                                                                            MD5

                                                                            ff212046f48af3e646dcbbb58a5cd66e

                                                                            SHA1

                                                                            7666ae282e15348ce4646d238b64250695122855

                                                                            SHA256

                                                                            522d8dbf553245325255e5c1f469135d614a983dbf6c56f46afde7dccdacf256

                                                                            SHA512

                                                                            ec9cad1308cdb027b89415984b61075f2c5045417ab0cced5502f559f9afcd47d5951b097622d1da38f2451c2d975afda056cc307c8bab93e46beb210c29b018

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe598497.TMP
                                                                            Filesize

                                                                            536B

                                                                            MD5

                                                                            db744824d88d9bd3682da10071b7008c

                                                                            SHA1

                                                                            43e86dcd4deb6df3cf011d0f013688959378f429

                                                                            SHA256

                                                                            883dfbbf50526948d835af85469fd9fcdf792c3154d2f6a79247035c6f215dc3

                                                                            SHA512

                                                                            0852a9ad53809fcf399e7539f01fe48bcf5fc73932291b5b3e425ece6a7c485c150b1195966183147440d158bc33f7473c310e22eaaf0bd2e1f92232888d71f1

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                            Filesize

                                                                            16B

                                                                            MD5

                                                                            46295cac801e5d4857d09837238a6394

                                                                            SHA1

                                                                            44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                            SHA256

                                                                            0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                            SHA512

                                                                            8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                            Filesize

                                                                            16B

                                                                            MD5

                                                                            206702161f94c5cd39fadd03f4014d98

                                                                            SHA1

                                                                            bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                                                            SHA256

                                                                            1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                                                            SHA512

                                                                            0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                                                            Download Submit

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                            Filesize

                                                                            10KB

                                                                            MD5

                                                                            0be47e87b023b5aadac82aded7b0df4d

                                                                            SHA1

                                                                            383efbac5f5cfd69a4f660dbaf84dac19d86f462

                                                                            SHA256

                                                                            09e9ac48a8fd72a97ed16dc223d717f0b20edfec1ddcd67dcb9b62c25e0ddb44

                                                                            SHA512

                                                                            aac7e40f4a1aa7f2588efeda2c18c862256ae7e5a18bee1be2337d07a39da09413c3b128d872c8b05cc0690b812656e2169f1b881027d6e0b69d5ac40ecae285

                                                                            Download Submit

                                                                          • C:\Users\Admin\Downloads\Sin confirmar 31293.crdownload
                                                                            Filesize

                                                                            837KB

                                                                            MD5

                                                                            93ef55f275e12608889ba7c2e908e6d8

                                                                            SHA1

                                                                            969a31955b49a8bd82567fa582b3f29528ceb6f1

                                                                            SHA256

                                                                            7af03f9f3e8d96c931d69b1ecd531ee976c6e504d678bbf44f553ffea8943291

                                                                            SHA512

                                                                            fa3dfb36608777a5942cc3ffdb5d1599efd0420dbd436def11d860312b6dff64af6d9c3022964c78eaf34c3173a8907a3b58e88fda8f83a4e8e4063287ba7c53

                                                                            Download Submit

                                                                          • C:\Users\Admin\Downloads\SteamtoolsSetup.exe:Zone.Identifier
                                                                            Filesize

                                                                            130B

                                                                            MD5

                                                                            0f13bdbefec8aeded66078ba46d91010

                                                                            SHA1

                                                                            5efc971c75980f7e26e81cbf195c3025fd06879f

                                                                            SHA256

                                                                            fca9efc92ce54a322dabbe6b4e8842887ebec4112112558a2039cf23912d0808

                                                                            SHA512

                                                                            7a16cef13d75a2f940d8313e14dc7c588b4e8677245838e0188a66cbc6974424c3c685b7852ba1b70d5b286385229b23d834bf2346473fe7b700749bf5eed37b

                                                                            Download Submit