hxxp://nigga[.]com

Analysis

max time kernel
1166s
max time network
1195s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
16-01-2025 18:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://nigga.com

Score

10^/10

google discovery phishing

Malware Config

Signatures

Detected google phishing page
phishing google
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
4952	msedge.exe
4952	msedge.exe
4092	msedge.exe
4092	msedge.exe
5796	msedge.exe
5796	msedge.exe
5804	identity_helper.exe
5804	identity_helper.exe
5660	msedge.exe
5660	msedge.exe
5660	msedge.exe
5660	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	1544	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1544	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe
4092	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4092 wrote to memory of 2400	4092	msedge.exe	77
PID 4092 wrote to memory of 2400	4092	msedge.exe	77
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 3564	4092	msedge.exe	78
PID 4092 wrote to memory of 4952	4092	msedge.exe	79
PID 4092 wrote to memory of 4952	4092	msedge.exe	79
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80
PID 4092 wrote to memory of 4348	4092	msedge.exe	80

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://nigga.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff924a13cb8,0x7ff924a13cc8,0x7ff924a13cd8
  2⤵
  PID:2400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1928 /prefetch:2
  2⤵
  PID:3564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2644 /prefetch:8
  2⤵
  PID:4348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:1556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5916 /prefetch:8
  2⤵
  PID:4860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5736 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5796
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5576 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4052 /prefetch:1
  2⤵
  PID:2028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
  2⤵
  PID:3568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
  2⤵
  PID:1940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
  2⤵
  PID:1112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1
  2⤵
  PID:5916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2288 /prefetch:1
  2⤵
  PID:2288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4736 /prefetch:1
  2⤵
  PID:1968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
  2⤵
  PID:760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4600 /prefetch:1
  2⤵
  PID:572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
  2⤵
  PID:3184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
  2⤵
  PID:2168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:1
  2⤵
  PID:5376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3708 /prefetch:1
  2⤵
  PID:5548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
  2⤵
  PID:2256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
  2⤵
  PID:6040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3844 /prefetch:1
  2⤵
  PID:4624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6292 /prefetch:1
  2⤵
  PID:2992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1
  2⤵
  PID:124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6684 /prefetch:1
  2⤵
  PID:1472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6728 /prefetch:1
  2⤵
  PID:5736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6580 /prefetch:1
  2⤵
  PID:1604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6616 /prefetch:1
  2⤵
  PID:1688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6980 /prefetch:1
  2⤵
  PID:1712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7384 /prefetch:1
  2⤵
  PID:3632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7944 /prefetch:1
  2⤵
  PID:1820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7976 /prefetch:1
  2⤵
  PID:5984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8116 /prefetch:1
  2⤵
  PID:3388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8356 /prefetch:1
  2⤵
  PID:2984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8400 /prefetch:1
  2⤵
  PID:660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7776 /prefetch:1
  2⤵
  PID:5980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7892 /prefetch:1
  2⤵
  PID:5588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8512 /prefetch:1
  2⤵
  PID:2200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6224 /prefetch:1
  2⤵
  PID:4812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7164 /prefetch:1
  2⤵
  PID:5200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1
  2⤵
  PID:1020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
  2⤵
  PID:1980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
  2⤵
  PID:3496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7104 /prefetch:1
  2⤵
  PID:4580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8140 /prefetch:1
  2⤵
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8044 /prefetch:1
  2⤵
  PID:5600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7392 /prefetch:1
  2⤵
  PID:2748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=7740 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1
  2⤵
  PID:2696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6620 /prefetch:1
  2⤵
  PID:1408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8512 /prefetch:1
  2⤵
  PID:2180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:5892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6596 /prefetch:1
  2⤵
  PID:5100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1
  2⤵
  PID:5184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6764 /prefetch:1
  2⤵
  PID:2028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7860 /prefetch:1
  2⤵
  PID:3416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4672 /prefetch:1
  2⤵
  PID:5204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7332 /prefetch:1
  2⤵
  PID:6072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4060 /prefetch:1
  2⤵
  PID:344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6856 /prefetch:1
  2⤵
  PID:5236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7324 /prefetch:1
  2⤵
  PID:5696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4632 /prefetch:1
  2⤵
  PID:1108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6668 /prefetch:1
  2⤵
  PID:4604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
  2⤵
  PID:340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:1
  2⤵
  PID:3716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1
  2⤵
  PID:4248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6936 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,6181340741961334056,5237702403341645168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
  2⤵
  PID:5860

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1536

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2204

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004DC 0x00000000000004E8
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1544

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:4932

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
826c7cac03e3ae47bfe2a7e50281605e

SHA1
100fbea3e078edec43db48c3312fbbf83f11fca0

SHA256
239b1d7cc6f76e1d1832b0587664f114f38a21539cb8548e25626ed5053ea2ab

SHA512
a82f3c817a6460fd8907a4ac6ab37c2129fb5466707edcfb565c255680d7f7212a5669fe2a42976150f16e4e549ea8310078f22ed35514ee1b7b45b46d8cc96e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
02a4b762e84a74f9ee8a7d8ddd34fedb

SHA1
4a870e3bd7fd56235062789d780610f95e3b8785

SHA256
366e497233268d7cdf699242e4b2c7ecc1999d0a84e12744f5af2b638e9d86da

SHA512
19028c45f2e05a0cb32865a2554513c1536bf9da63512ff4e964c94a3e171f373493c7787d2d2a6df8012648bbefab63a9de924f119c50c39c727cf81bdc659f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
47KB

MD5
0d89f546ebdd5c3eaa275ff1f898174a

SHA1
339ab928a1a5699b3b0c74087baa3ea08ecd59f5

SHA256
939eb90252495d3af66d9ec34c799a5f1b0fc10422a150cf57fc0cd302865a3e

SHA512
26edc1659325b1c5cf6e3f3cd9a38cd696f67c4a7c2d91a5839e8dcbb64c4f8e9ce3222e0f69d860d088c4be01b69da676bdc4517de141f8b551774909c30690

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

Filesize
67KB

MD5
69df804d05f8b29a88278b7d582dd279

SHA1
d9560905612cf656d5dd0e741172fb4cd9c60688

SHA256
b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608

SHA512
0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

Filesize
26KB

MD5
5dea626a3a08cc0f2676427e427eb467

SHA1
ad21ac31d0bbdee76eb909484277421630ea2dbd

SHA256
b19581c0e86b74b904a2b3a418040957a12e9b5ae6a8de07787d8bb0e4324ed6

SHA512
118016178abe2c714636232edc1e289a37442cc12914b5e067396803aa321ceaec3bcfd4684def47a95274bb0efd72ca6b2d7bc27bb93467984b84bc57931fcc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005e

Filesize
251KB

MD5
1eebc0237ac9209f05bb86cb6bdb450f

SHA1
61e822a4c70509be8352b18fbc036b1d3ee109f5

SHA256
72c10a214420ba943a71df14c089212290c7f64c315148303785fa455b9281b7

SHA512
dfc68a228d114aa885773d19a848e3a78402dfc88d78f38187f99f62caf1bd3055f05e4a4961d678b49507de852ab91ce84f718c0275679f2cfca785c74a0b4d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006b

Filesize
27KB

MD5
5f03ae107371cb079c1ccf88bb2ec46d

SHA1
3139e78d7e8f51d7aee1f192f3b648b5a2d8bac6

SHA256
07a0d4e41ce0b0b6ec2d5df1fccf70f401d22b3d9d3cbabc10678a6a8c509264

SHA512
2c3a735694aa483ed82d6e304fc3a21c2c3d0ad76c868223db8a82a24b3acbb2ae1ac3ec03efa85b6e278b22ec42b53e7189dca4aba1c68baac82aa0aaf22e2e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006c

Filesize
65KB

MD5
9afd7baae067b6676ee9c082b69661b8

SHA1
e80f1be5c19d15e2c558d8337fa026fe60a191fb

SHA256
c946178bc2432551d218c85196a43fc1e9951cfdb59306785c1aebde69af5e1a

SHA512
ea766817e49abd41bc5bdf18ca82a4aec6c3b11434d92d848a6b27c2f3afcbf6eb71beab4906e1a9f5fb8818a81d58d6b063796ee40cdd62cc6d7d0887223c0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006d

Filesize
91KB

MD5
f8642faf2c85a7636f7582a11018905b

SHA1
b7191c2ee1108677f491b54ee0bc37ecf162e7ff

SHA256
be629049950719a58fde0ff85cc47cc6ae7d96b066c6d77429368b34123ae3a8

SHA512
b6a6483b01061dfd4cba0c6394095a6a417bb384723047d0008a347afb6368f005f64176f10efe4e3c53bdd16bf7e2378b629d33c590436956eb245ddcb7853f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006f

Filesize
107KB

MD5
c89cb2607668fb9c483661442a6136fb

SHA1
f8243e7ebcf6bd088b2d3845740601979389febd

SHA256
3cfad1818d39a8ca03ea8e53c63cc51825b06961e1421c847629e7f002677ef6

SHA512
8555c2fb5b763d654f9c0d5ca2e5246210eb085dc01bdb5a6a6752b4809e010e0ef2f294d23cf22aa8ebbd774d2515a3dfdf3ae871f2eea00de90a800b0cae11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007c

Filesize
16KB

MD5
48c80c7c28b5b00a8b4ff94a22b72fe3

SHA1
d57303c2ad2fd5cedc5cb20f264a6965a7819cee

SHA256
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356

SHA512
c7381e462c72900fdbb82b5c365080efa009287273eb5109ef25c8d0a5df33dd07664fd1aed6eb0d132fa6a3cb6a3ff6b784bffeeca9a2313b1e6eb6e32ab658

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007f

Filesize
29KB

MD5
f85e85276ba5f87111add53684ec3fcb

SHA1
ecaf9aa3c5dd50eca0b83f1fb9effad801336441

SHA256
4b0beec41cb9785652a4a3172a4badbdaa200b5e0b17a7bcc81af25afd9b2432

SHA512
1915a2d4218ee2dbb73c490b1acac722a35f7864b7d488a791c96a16889cd86eee965174b59498295b3491a9783facce5660d719133e9c5fb3b96df47dde7a53

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000080

Filesize
60KB

MD5
5d061b791a1d025de117a04d1a88f391

SHA1
22bf0eac711cb8a1748a6f68b30e0b9e50ea3d69

SHA256
4b285731dab9dd9e7e3b0c694653a6a74bccc16fe34c96d0516bf8960b5689bc

SHA512
1ff46597d3f01cd28aa8539f2bc2871746485de11f5d7995c90014e0b0ad647fb402a54f835db9a90f29c3446171a6870c24f44fb8bbb1f85b88e3ade9e0360e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000086

Filesize
215KB

MD5
d474ec7f8d58a66420b6daa0893a4874

SHA1
4314642571493ba983748556d0e76ec6704da211

SHA256
553a19b6f44f125d9594c02231e4217e9d74d92b7065dc996d92f1e53f6bcb69

SHA512
344062d1be40db095abb7392b047b16f33ea3043158690cf66a2fa554aa2db79c4aa68de1308f1eddf6b9140b9ac5de70aad960b4e8e8b91f105213c4aace348

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009c

Filesize
20KB

MD5
29be3f4c1685374185295c0577a0fbc4

SHA1
c720338b90479756d89c4c0bd6e1b2c126e741e2

SHA256
84234bc202cd90772c3dad4cca1b2e1330d811546ed6574be8a6dd8706356d80

SHA512
6c8e59a0453b5ea2dfb99dae65a114d5b05e28428fc0b8d0012ed155115137f5f54abb232f7efae0e5c7c9775e7c5e3373c2f582b59c62625206445f1f5d9894

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e6

Filesize
41KB

MD5
3bc2b6052ff1b9feff010ae9d919c002

SHA1
dd7da7b896641e71dca655640357522f8112c078

SHA256
483a3494759a05772019e091d3d8e5dc429d098c30007d430639926c3ffa16e5

SHA512
0b1632b73fd87e8e634922b730f83b7950e9a39697a46a3429f0bebb3f1ebd14c815a4651ee8f663a437d00ecbeb6ddaa47b2fcad719777edf1b1de8a7cad0f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1a914eb5fc51fb84_0

Filesize
5KB

MD5
fc57d76976f9b4b90c3b4b9dcd41eb43

SHA1
1315be60366590b9a85e1c334703ee3c4e95a9e6

SHA256
727df6883b0b7258e726252c611bb6a6ff362e90c28055242f7e8199b8caa5ae

SHA512
40b682eb1426199f952136ed5b63bcf1e42857e79f3efdc950b2b6e24116884960e4802dfd7442976b04a0a85360c05dbd200d3f40a28aca548eb94962e256a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\433f6f7cc3c3ea73_0

Filesize
42KB

MD5
463267ecac2096a9fb9582b08db0fbe8

SHA1
20d5bb9021474e67439b23f4ce2fbeb057c5fe4d

SHA256
4885fc8781de1d31e7153a54b6a54551d9d96c48f6dd64c871bb7e959c841fbd

SHA512
32b7d31caf07cb84635542f4754e60899d56c138592de7e85dfda27ec640327473bbc47c6ee6091acf5fd9cd81ad299b79302d4ab50eb6bf553282784e0642db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\61a0b4d20ae0e222_0

Filesize
4KB

MD5
2016cc55884eb8daeb15f6e1ae9c3a3f

SHA1
71069b6cb17a274516ac9cbc37e62fa193812ebd

SHA256
87ae1d4cdc81d693258e7692354ee203158e9b2507594053c3e0ab6813953b5d

SHA512
456dcdc5373ba1a8f1d268e9619c0f17dd4264a242b9b8049de287945e0bc073b59ec50abcedd469c586cd7cc9d94b78db12999f73cc79689bd93c74a0a2ff83

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\be6d12311ce2b399_0

Filesize
1KB

MD5
7a29a221f61d7c9d4b926b0c1eabf10a

SHA1
1e49656750834faf97fb47b0ecb24053f08f284a

SHA256
a147d45dcb2764f15f7d42eaf54ee9a3f167a5b8078080479cac5da790e741a3

SHA512
6d86c2d214b79ff1471c9850ea2ae2874c3e09e6cbc5d57673f1adb46fa1e33bb75a149a0b367a2de83add6ff59d0f21bcfa112c3f804cf4b4108cd131748fe9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c91c845c83814759_0

Filesize
14KB

MD5
1da780a613da490aea44af438316f83c

SHA1
ff366ebaa9a07e52187cae10e7986840f17458f8

SHA256
49ed2c760494c2581431126a13f7ff9420a7fe8d441e04017f12b9228568d2d1

SHA512
5397f4ab2c38821eb0e230bf1393215db23bd64a76392642d336de77597314b5e3b07808d9414d1417da528b74a43dfe1bd3836daf64ba92e13de9947f12cd46

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d2f9a2fc02c20de3_0

Filesize
2KB

MD5
f3e0344b2e83764ce759649e76bd0e4d

SHA1
55cacecaeb5b528a50921e82d32295ad03a9799e

SHA256
685bed06d71819c9106b049a641db0feb7fef74ee87c9d303e9bfcf8b745cc8f

SHA512
80eaeea3bc229bf7cdf1b608d6bfc787805d4920ddd0cfd2f4d5e82a152a47a72442ab2c0bcf001eeb086bb6cdc0ef19a4823136ef9d078e92782e19d4e66533

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
4KB

MD5
62bc8c411f9019a0e34fafc2b5c769a7

SHA1
89974e452c0c9389c756ae9db06c7f78ed9fad5f

SHA256
7ac923d7104a6c8363baf266e9fd761f6599cb3874081b67db795ab7f56b2a66

SHA512
f6ac9d1e218d9ed8fb4129e3f999215f68bbb52e014152d29c37dd16873c0aa1bb3e46fcfcbadcdcc0a6fb2cc622022cc92a12f3d3e5fc1274d616eb13297463

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
36b8936f4d8ce6dfffb59b3600ffe19a

SHA1
dfa0a99f96804c1dfe5c1626f71bf611569d5599

SHA256
d091f1bbdb101f553258b50f635512b4e39894adba1fa0a91045b47b98ba42eb

SHA512
eaecfbf8678163dab21ad1de1cd00dfa4fd680db7738e4ffb964b921933973025a1a5b0e11ee8e05ceef62f7a4a04d9f2cd28a27020bb741f257bffb97132d59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
f0e33702bab72ad7176c8be870e31670

SHA1
97fb0b0d4f29b69ce039f0849803e4abff3dde1b

SHA256
0b50c321d02ea5aab437b0100a40a367cc504d5c7a5df600725ece7e15657091

SHA512
2c3f2741b471641432729d4c0707e3658c3ef2df838e0a773e9ca370ebe4979a7de5600f50dbb3d191fba6a08132729f3e8bda3a8a076549041465c3253e0375

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
5bbdfcc1375c5085038a895cb7de26fc

SHA1
2a5df0a65d243c4e52382394a1003e3c16da6c4c

SHA256
1e66b36411cd13922be5955f6296b9d42d27a91d62ba6b3ab5ea76f8ad024f2f

SHA512
dbe7608fd09c83dcca8a25a185ba42a6f860fc2fef388a6734c9da55feb8de8b6ad56e1972c860044b206f569ba97e033044327a9a78a3cb937f1665c2306c9b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
969594e8a61c79d200e7dc74af99b056

SHA1
64625bbaa688b7607f7ecf251c4704108e57bada

SHA256
a3efb28adee76e8b2c532bd1a0f53c58e9b35525d4ec4c91164a79e02dc878ec

SHA512
476cbbbed8aba60b62015b4b48025a31c3cd85a0c2f6ce4ea8724e4fc7680e79849a83b8c10b750ca4d0ed93421bc8bfc0f0b343bf3fe725f2b308be8389823b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
e052f082143dd29030680b5e50cb670e

SHA1
827559d5637edbb9c059fadcdcd006adc620d9d4

SHA256
c3e26ae312e7fcad4f465254fa0ccfbb18163d0543f27e1c11273d71407da2d1

SHA512
5efe4f75d3a137c823b858bafb5d9fdb00bb0d4a4403999e737f3480b97741488c5d22bb210ab55d1aeac11fbb85e1f099f517c70252a145ed068c3c9f28a47d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
acbc90f2937525095d29163be21f09cc

SHA1
32d229ac80f1e96d49d7aba6e313a5a1cfa5b100

SHA256
5acf76f4d054fc7d74a8097f6a1dff39930d8f8f393573352eaa70ea3973cfd8

SHA512
62f8a1571d882b050956f2f06160756544908d89269c363eaad152458fe5b17af814bbff9ae17451a85e34ddd75355e8c3aa143054fe5ed741994ea03ed8fc0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
15KB

MD5
9d1a6d46f51e86cb7ea4d08271159b1e

SHA1
844eeea2ca0c39865363df7caf3cd7f666b91518

SHA256
a28fc317a294fe9aaf905a3679e547dc69c369d132ac5f793fce1ba28c8c651c

SHA512
372d43961df6c7c4466468b1209ef729428d64146879b79e7670bd2acb8e5b398064c5ca29e994c8345c84c821aaa01dd8e2f6cf074cff9d214eddf44f8112fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
a9dd51e7b5218e88bbe7de62a3e10245

SHA1
e80187adfe535efd96d82214bd4d43220c11de53

SHA256
286795c9f18b5f74989fe3890d3e0d07aaa7c2431994888dbba3673400805b50

SHA512
01f977855be64e794260607037edd846e34fb605a9da633328812d1af6f2d39d5b6e88fc3c1ea0a3740d1a21064ab3cfc5a5dc666ab3d737250d7fd0186b32a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ed151d63dd7d62a36fbdf554ee0d58bd

SHA1
1ba0a1106935c105b99f6d0e68acc83146d17e59

SHA256
e84e97a271f5a9e7f0ea84d41fe6f3201f2e9d518c9f54acfa4cde5990e04c14

SHA512
d3b5aed5c1c7ec55b9f7e2e4880ec7ff68ad81ff8dee0d5541034aaff4a759e55d07dda8d322d03995057069fc262a440b3740ebfe9e4159645b6d2473972e4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
371c2ca56ec52c4d9a0169441345cf3f

SHA1
1be50cff67cf850e18206a357442240196889abb

SHA256
5f199eb08acc6a5549fae0c47cde4412c16e40648270f13054569c8a45097a4b

SHA512
d2f2972458b045344d1d341a29f9a8520ceddafc6e6ef4be4a93efa8270e9cfe2b0a062369a88662503b281143c239a7b9369b876d62ec12eddc6c7f2225518d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
d14b0e34616e28b10c2725fc976691d7

SHA1
58514dfa134dcd7db70b8d67ee70062882ae4323

SHA256
a18ec86bf467fbc4d4db171a58b481383b506c19a1a458fd04c78baffe5641d1

SHA512
22e62769cb0797b7d4c174e2b92e86dd361c8c9c0b94fcaf52ba0f08b411a89a3126f646592433a09944f62093c6a34dc13752b4e869c2f7ca24637f0d8f8a54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
164814a1d0792982c2d06183e8ccc26e

SHA1
63e0b4fed2ee8b3cf9c28262e194f10774b3d92d

SHA256
50c7e73b4a6ccc4c3ae8b8d2793ba2f59175a07febaf5437638e74fff1ec6030

SHA512
e286cfb9d588c058c14f8102caa23164965f7578444b6b69b90387f8d0d5c4b93daa2877adc02f2d53608d59f4fed282c7e495633bd9c643bcb509c222a33a66

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
1aa0d071e9802db242529a395d36aa90

SHA1
0782cc27f3a79013649de02e886ebc92a1110f3e

SHA256
8fabc73887898b52bcce8f3ed60f41fc066c7abcbce9bd6b7dfb962d993cd823

SHA512
0d8da1104b6ecc5f067d3cf656e643e447246f93a81ae9ec7d6c3c980958259c938e6600861f085e24bff547f9e188ea60d79fdcac22c3346a6a19b4728b6393

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
5c66b872e77a5b0e91e52718ce0ac529

SHA1
44d814418be3f3ed26a628beb9fba5a6c0651e77

SHA256
43626799268e3ab5b06007df6fa19b4db76db6edb1e7fa301e5bf5ed08feb8e8

SHA512
4523309551ffdfbec9579fcbe61f94763fc851cd6b462a99b9e5e61912c4139650ae3c0b4ce3d2ed154c65e8339ba26465d88a0a6d7d9b1dbb8ed0a6348f6258

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
14KB

MD5
78a002adb54b96ab9bc4c0821802917f

SHA1
ba46f7bf1ce2e6dc71a435e3e4ab8a802f6a2df3

SHA256
4d70005b393af200d7879d9bfdabbe97d3b968c31d3091f503d4cace2a11ee70

SHA512
3cffc5b48308363aaacc0cd3ef4e5b0505cd79a2a926e1812d874998c3cddf97f2077988a3101853d25c0def504885660fa6e45631d6abf0c81e2aeefa214fb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
88ac6744e116bf4ec707967a3d6d1c8c

SHA1
f7fc3c98b4294b735028fc6a67c2e831a330073e

SHA256
cba3a9885d2e76e68aadfc69fb97ab03e186d9987d663eae75fe1b8f2ef7c492

SHA512
2950ffed5af5b2aeda25eae80431d2262a0930fa64f0fade70227e52b8988a5c3a6b6aa4c9393f08fdebf663c7abea010ad11cabf0af1f7b617faff0632f4a86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
935914af8b80ca8fabb4c4b28d708f6c

SHA1
660368f1d7e56bd330b8efc6b7f778a2930f54a7

SHA256
cc766159a8245d2f1b2a30c715674cbd98be8f3e5234dd2f6c51adb02fa7e39b

SHA512
99beed3ceeca342e60a6dc7f41066bffdea7e5923d4cf7e7190dca106ad0c37ccf5610f9e7a4960bbde329484d01149bd1f30090b6a92a63a05504e11693f725

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
b48bc19d1e41275910ce06bc23d3f3df

SHA1
78a092b6d08366fef81628beadfd7ad3dd4e53d2

SHA256
926676cbf4fc9811e91191d81a4e714e6009e9d9e2f1a357fe2c2941d7e06a31

SHA512
f2e915ff1a2ea4ade1668cbd7c720076df2fd68a4ee7e4bd9f80c7813de2f91555c3ec27721433f7118c130a8ec5b27904aa58f597b74b6bb92f0f2301245035

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f27d9c7426c3c1d40befe9296cf33b1d

SHA1
245f12b8f2b2cf6ca50a7a904e6ee1415f100a8f

SHA256
abd943550373765c0b990617f7eb2099bd73f49eb857f8d556227f52cce3a2d9

SHA512
9fa0a1b93ac0dc55b331f39c16b7d077bb8ff00e4d9c49ecb6ea61b00f5cba131a738b20e5da70e8999bfecc22cd043598f9110749d9599ddff56413dac35666

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
29a27a1f231efe8a1c5c0d595619e97c

SHA1
61fc3ab2437ae7f142de2dabf36f5616ae1386f9

SHA256
c8ed7e6457ee2fa3bf6c2b336cd6a800268b6a05fce18d77c9e3c80bf229959c

SHA512
5a652f9dd372f4e27b6d37680ada8aeb06840a40d412b316cb72a1cf5658cb86654900fd985db00ebede816db1c4607cd6f17b8d8beaa410784bcfb8bde79689

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
d86b73d80a253e91740e1a6a0cd12639

SHA1
0acb10ac6c4dd571c351b8d078e587a5c49c8ce7

SHA256
1a9eaee72b31f1f1a14fb2b244c3465d8db42a47092d1e65c927d79793b4ffdd

SHA512
8f3f5528c38d53ac8b826beeedba75963e4f869698caf5ec5a02b07073d13699531f5a7c48bbb88ae5fd0b665eb263b69994a8872634efdd529c9d1a1d5cec5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b100b335dadebb61529cc32b21f0c2f4

SHA1
f95e3a72054aa360b0c0b814448b225e304a1bcb

SHA256
aa4e32d55313c502a2408f625780b31cf6d783f7b3553c6a0f1c3eb09a153778

SHA512
fa1e076a1aa42a48c879576b7c9ade764037d93bdc0ccf3746fe58b0b0a3ec5c01a5112a65eb8442603eaf09f6e50c376e7818e01132c334136ea1a41b305928

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
14KB

MD5
4db95949b7999dac7cf034131bb63af2

SHA1
4113c67ab13a3b4d557c1b5289ab2e5d0b67cedd

SHA256
e22493d4abaeef72fc4f9c2680e4ff6410a00793dea13b6e2c096a507ff2ee70

SHA512
a725a0ac7cad0638d944c6ee8e84eeefc51a2523bf11129d5aef0f09d0815d1220aaf04c682f9cef5e9846fd00d30957ede3d96043dfc3aa6e643a88999511bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

Filesize
4KB

MD5
822f1e5c1c3a1a681e8af88e3e05911d

SHA1
8672b42e7712187c930db970d7eeebfb26cef360

SHA256
287c93e61c9bc5bbd2c9e5919b105befdb1bf9f2efb86bcd71ce3e9e423fd5bb

SHA512
a785c14ab89f637e9c21ab1a11670f073d2cb40b5b9ea0b24f0d711a97ad3d7adb810752fd274aaa574e42ce3b76b2abd42027fea71c41ca94519f4736eb01bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

Filesize
2KB

MD5
8d125e3a34f682a36a2ab1447768e0ea

SHA1
055078d31cb6ca0a38336e94d939a0b9a99a12eb

SHA256
191e707c765534dc874f26137d10a45806b091d2d8918c25cd129a33fa2685f9

SHA512
0b2ee705da8f705bb87e018e08c56d255e42bdf0a4ccb6727175327acbeb87289c331a1c7e9209153996255c0d71ee358d02a5fc0b6f7997cb48cc2f5a084b9e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

Filesize
3KB

MD5
b2a413b39c5a4553c5f40351e2a1a465

SHA1
f2d295af7295ce30336bc5272cf098e2c9f0311e

SHA256
9cb6a8d0940e2a9aac4f91396efe4ccb44cd6e1067c7a92ec6c8096c7086c3de

SHA512
4e7761742bb09c26891c17c606049032e850b7f3c2960082004fefb0c9813dca4240163196b28cbd020609786df3c2778e786eea2e65c642d8406d60c62b658c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
bef4f915fd06821eb66d7f1e23adea1f

SHA1
214c0a8537327fda6d862246932b555684ddd7a6

SHA256
3e6489b947915c1851468d127ea86f8e9c78b2528cfdc6bc4fb4cd0f05be31a7

SHA512
5cf0548dc858a689e3b8ae4091d8e41a775e928d8dd0fd29a7371edfba27c5cf3c88f000d33b2aaccae295fe80a2a226045c105c0d032fd32c37bcdf9c829402

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5980cf.TMP

Filesize
48B

MD5
afc8c7111f80cbc721d2d3f1996fa403

SHA1
bb0b78e9ac1ef9653a08afb05c8cf016338ec5b5

SHA256
8a8ac3e3c153cb3139928820a086c995a4b5d7f48cca61002b390d96f0762686

SHA512
45f07f97881727f7a71a16d21e171c7c16b2f52932b222c26b1663b63ae1fa9e78180c1ecdefffadbfeb296c426a6be6ed17267da78d2db0ddb4e7a5ff29cfba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
da32e190d08442a1fe6ed82a29773788

SHA1
7c70e783bf135ba57ceff0684b3a7d989066646c

SHA256
4d404af0c4fa559fffa3452891655dc4c3f2b60250ab7480103fe5c0372fe286

SHA512
25adce4dfb4fdeb4c81ebc29500414c8ccf60a14e7abf0e4b4fbfb73980def44924d3cfb0d4bc577830dc61cd772f4a2955752f9600ae52306e8f99b88b8662f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
b4abde23c71ab2f95c5758b0259645b2

SHA1
dc817ff148610b96a204e7872aeb4d149694405d

SHA256
3b007cc3602dce26be55599a2c75d1af5c091091aae741ff0307aa2143a7c1bd

SHA512
bf482f23946b5d652d7dd9d1d4922878916abd40b6013f03f2d89625b4724293ca76409d5ef06fa3282c9188617be58cf34303c240ee8d5d81ce29c291a04df8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
d20066334247747966ea2b311e55d22c

SHA1
c4686f412b6c17f8b2b684d34de1d825fc710611

SHA256
c844ba950291a8e4ff88edb44d9f2a615c3a349f1e1b798c0ed62bd84a757c2c

SHA512
492e9b9afa618d538c13fbf2e931ac5b11ea30cd8a862f9333c93bdbce409b9407cbb83bda8ddf4088ecb994a2303752083364f5a5ba9997d10bdb6ba5ad48ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
704B

MD5
22857cc4d62f21fce37c8b02595694e4

SHA1
2f1ac264251622f6644106f4fbe299560bca0ada

SHA256
67b6398f330ccc889680eca509be27f93ddb4ed3fc0f38db92abaffc6fe09a47

SHA512
4cd0b7dac2117bbb4efbc6ef88f80d46476e11ff79725eae7264887009bd965ef345ecc36e9c5b10d2c0bfd889bec0d519e00e735b0138ce0f937e0879dbb47e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
8af98c39987f067131682cda25f19bcc

SHA1
c058ee4b8825502901d7e4075eaa101f7d063615

SHA256
42f9c19f575e0cffca0a1c4065efc3f4f27e7939a325326727f96f5421ecc57c

SHA512
279d0e73ef2d56f6bc9b574efce8995f800d313495c715f8d4dc8204af24302dcf3713bd840dc87e3d0cc839f9a018480b395186831308c67554480a06ec10cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
d45a8705e33b3d3d0be9b27a7143bd57

SHA1
239ceb456e0b7c49a8ead6f83132008db60d8771

SHA256
0732a93141959d4b1f96aa9b5d98799500d9cab520072bdfc5bb180c12d7a3dd

SHA512
4149f3e0d8b9e5145af980790c9a02b02b45a72522af32ecc958b6e3a83ca816bd6f1f60b8954aca612eefcec2ac9ec1a800303b8b6becc3383de44a55c10250

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
b7ff610b5a22c4890edb3af1f6664da0

SHA1
d892c7e8c55106e4117e2d9b69768530688387e9

SHA256
db7b27f18f684db8f512e02d92e00eb7440e9e3124c357ec4f97e46358705e7a

SHA512
ee53159be90fd85e6e28d4c060bbf4f9d7624418f38b375310ecd0fd32e6ec8a85fc9a7a31da1e3bfdf0b15648a851a48447708d3d20489372ac113321b3f4f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
19216323cd4b367cbafc2c96a5634a22

SHA1
159a8478f6aa62ef119c370fcfd5e474f4b7e5a4

SHA256
ed7840f957659baef150f3fb744c1a4ba70611e8358e4847cd0ff7d62d6f1eb2

SHA512
f6ad9153ad184a1e3598b32d798136cd32a72cd83df6913426fa6fcb0c1c0e11ce7efa73ccf37a79e7db4097aae3d835028009b6528caf4a1e93573c73a96484

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
702B

MD5
ef78675ae8925e1054c313c7918485d2

SHA1
c1acf573f983524f8c1dabc44d6bbb7325b302a2

SHA256
2cd85d1f8a477ef2e87cd1363a07f596c84951fe1a56f8d02cd560a1120030d3

SHA512
ac10b58a0126228eea673ae6ef37d5aabd27f804bd1bc250200479a6acaed9ba07b2eecd66e951401ca5dcea45835a45f678529de00b8568ecb8831c75c699f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
ce6cc633bcd0cb02561fc222160a3284

SHA1
749e2af6076be161365790625f56dece8991ad6f

SHA256
ac7832183fc26fe184414fb3aee17a6374dc60268355e0bfb385f3da582ba6ea

SHA512
8fbf35434dc67b7c9e17e0f3e91a16c11fdac1b52cfc95683af15944b0d1e30a7e080ab1f3435052191ddee15cd144fc1fcdd812d937af68895c0bed6ab2f9c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
edc665dad1834ee8662da35e1ae8c79b

SHA1
d57b3c22c62ccbd86dd3fb3d42f00320d5d56748

SHA256
5013abf1521e7d0f072a0b19231d2c010708657b53b750decabf4dc916c066c9

SHA512
600d4243b222086bba0af997c3cb96c74f929ff9d2b469a297df844a46a365e98096b1b6558bc12193624c1e23808f9ccdb52a7074157401de92fc17a0ea65c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
b04ca81159f769bedc4653b98a7c0b3c

SHA1
75907810c592ddb533ee1f3cd400d5aab0cc2cb4

SHA256
491ac1b830884b77b86380489f74aa369b0a1f1ce710a74be65ba2a05aebca49

SHA512
65716e242448adf00a977b92d68fff3e74058f46d6ed96c135a9a55a205894ecb89ca1649bc51f610e6f9c9060579a951999cb28f36f1052f313db5197b7a0da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
2cd0dbcbf78b49e3e709355dd24373fe

SHA1
f8c0031a8a3f47b6de72b91dd288dcb5820dd117

SHA256
a12b2e55a27bed369fef8dfa286b4c50c004231f74e4f568a7bac79eb38f471a

SHA512
d63647c329090bfdd75e310511b6b109abdbf772c298f4166845cd373ceec3c9efb45bc9d92e2e0ab0ebcad32ba1d2908ce61ccdad8a47826b6f7914bf81c236

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
f679f3d5b027254398b22717e261afb7

SHA1
b779b7ff757aebf99cc152bac5e9ba7433a29523

SHA256
77a6e5cf020ddf9c1f518982640d56114c9a8d9b1ffbbe4cd37367f87174a077

SHA512
2c1e6fe1dd62408bd54372bfbd17509195cb49ff24b77e0502a19f284e0e21202c3a39181a1f7c0fb2be3fa15a42d617264b08068db431d0951f361c1e7f2eee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
1c236cfb74ff11c5d4e1687aeaa5bd91

SHA1
1ecaade8d6d4fcec7557f3c55d602f97a44a2e75

SHA256
24db643aed7938190837739a68fa8cba891220903e66b5550b01e36a28e9a991

SHA512
28d98fee840d1fcf537c58372d2e56fce6b2c6bf85f81885d20d25334a599110c38c02bef1cf8acabd18ae9aa231929170d8b90fc40374f09ceb0827f21c1cc2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
56295f7bde4103e2c641d5dc6195e86a

SHA1
0df5e723c7b38229e412980a394029519e517ce8

SHA256
f6a1e8ff673ad13e8c3a292f53e5f103a26c4e8dab211789afe8bd7c83839b69

SHA512
18206dcfa56bf1702ba53b60ed1397f128526a3adeb113a478616ab2304de3cd2185ddce2e38a26540d210577821ac9ae58d708bd9db986bcda7516fbf2a8e91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
72da9c6f81344b4d19f1b748edb18e3b

SHA1
a99f72a97ba3d378d92aef8fd14e79dd2255b17d

SHA256
e037816c3de5b2e624577034e71c79b4ec17ec1afad5ef0f768e05c7648d29c2

SHA512
b6bdbf81f76f6b374577bd15c3ff3c955ef3cdbfe11d0ccfeefca603586328053d67b31f635d47c02d9406688a0753ffe72c94f27ba320d1a14157a9b5f455fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
8b85d9948539dc71d54e44b8bb2bebd5

SHA1
9ad483039d7195524620eeaea406a0779b3a054c

SHA256
f1461a81a4bd6ce6431d5d5bcd0f95ccd633e4e2ff0aa2f6e67e85930059b470

SHA512
5d3c53ffdf35a90c44c61a1fb2112ecc86845292363f0db0e6faed004b0b15784b0d3a8246419d03f56f6fe0236fd2b90f1beab4b60621835419a3482a9e315b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
905b5d51ae8483c9e1e7dacd18b1817e

SHA1
a814e164e0cb146ffb380a739795b0bb01e2b93a

SHA256
5c63889de408f3719a78f53b3554b0d8d36d53cd1a8ba240f0d214754ef7a969

SHA512
c5db1b19f603ba94357874efcdcb2d950d825d27a2c234bd4e632fdbe315550e8312ec4b33e843b499138ab34ad5db7864ffdddc0616ea1321de1ad875504a30

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
f30e8fc3fbf3207e4c2a0fb5fb4ed55c

SHA1
ac73434cb9fabe390e30981aa605ae3d68015813

SHA256
65b18ba35ac489b0083f6e2e745e3ca7110618f933ea24800ed7332ecea6857e

SHA512
66bb35049b5f6c75f79e07938611fe5c5ade6d64d9278338212c1a5ab9e5820f3cdfe28f1054f1b68d1e9465bcf230902df3fe5a65b7bf4ee8bb301dd1fcf95a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
6f2f42612ade7f67a58690d8848cac77

SHA1
2aa93f5c27e06110550d4e365049e91fc9f1f4e4

SHA256
72a1be24e8a6cb86b73b387f0bb6c41880167bd61799e088ff45e96cd557b4a5

SHA512
09bf2be885fda693d92ca268ae5d5b291361c38f576bedc570c5fa63c2280fe7daa3ea3ffb567aa8f14685602cf168ac011058a55a30cfdd6dac880b01b51bd1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
eb8c7641a926e78e614a8f43f7cc0512

SHA1
84b69b8719dc4a02b2a1e732ad7703d153d94a11

SHA256
9f4b1dd195d158d1f15baeb770e924867ccd3bb9105da623b5a7dc020a44c47d

SHA512
fbf0fe9df621facdd8bcaa8494858215c562199f9e8f0911b72ff4287f7b6eed5a521d7a20d0da1b952b4c756e404dde30cf717e18e29685fdb8f11f9515b063

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5825e2.TMP

Filesize
202B

MD5
b9880d742d201839505bd52a9cadec8d

SHA1
8aa88f08589f3ebcd2290c7f09e5989394304e48

SHA256
32675e539ea314a7ee1e61f21e7d37bef0e668445f4eb306a1f6d5f3771aed02

SHA512
8c515cb8994c005e8855d334a0e30381d718ccf6e60863b5a21fd0d2cb41a1e7c174900f9b34d5efd1344ad56118ec70713a7fa7f2c9240a12249bc5a47e3a60

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
5cdac9c6fb04cf246f856de773b5bff4

SHA1
c261407843183dd2a6f939329b2b2b8e9a133d1e

SHA256
0a73eb16fe2fd640f0f0e7c31ac9d86480b04cc655a96e4d534b28c700bb914c

SHA512
5b7a6cb758450b57e3e2f84c8991b457435ace102c6a2e80f5890f0739243d039ecd1f3260e8134cb379f6c8edc2194fdb0e9b176cf051edc9198a35353f5716

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
20KB

MD5
b55e4052e70a0f98247c4b94f21e2560

SHA1
19ba547a0b1555589493ca56d302ff92e2484ee5

SHA256
17fd3e6bed7c8cb4463f765783138da8c7c45d8e8868c37df479885d3f9b9b90

SHA512
1233664489bb17c17cd9d33241a5d16f723f326b4893c793a966470df9cd22778d7181a3d283a5459b03ae8946eb23b30356dfc9086e4b5781ced746d8a890cc

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
16KB

MD5
a0afa8655f38b14f6193cbdd8fe2f7db

SHA1
d6e4d29b911867dade9ca51d21739db9ef140ded

SHA256
1fa96f5fa95e3c95bb94b15d4e19a58ef382c7b192084b7f4c5b3a9d9f00c735

SHA512
04d5238a80b33ca9f883fdeb363987106c64cb8762d99fb6720211cd7121f0950807b5c1d38d069a3c7c5d163be99a6a563f6902a86f6048fa771a23f631a91a

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
18KB

MD5
69d5f71d37a330a7f1a11e726aa4a4fb

SHA1
a5a9dd21ef6593c476699533fa0e910586795c46

SHA256
e5a570f5e6d574daaf6839b023045a9f9089e6bebaec44727d43531119dd85c0

SHA512
dc935a880a27c6efa3f42bc1b478c11b459c33148858ac59003b36b0472e853f17a843171df1f392125a65bfc34e89c3c4521bb747d2123cc0eed48b5a212f6f

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
20KB

MD5
ed6861da2d68c35635e6ba44f30c17ae

SHA1
d46c2fd277b2c56634c7d136f8de5aa81812dd55

SHA256
c2a5546c8a00e1cdec23c63c0f176c1a8668d371ed27d3f6ba19d0e8e2cd09c9

SHA512
1f94986367bad884b3da2be38a18122e818588c5b293fa9f9cee9117b6deca0d1a92738d439f00f03db34d2cc3e6124a91fcaa54dc69a1b8f06292d3dcfa95d9

Download Submit