hxxps://www[.]pcspecialist[.]co[.]uk/?srsltid=AfmBOor5uFGdudswz7qu0F9EVpzGLqGVlHWqBTCjXRGjeeU8JUCFgUNg

Resubmissions

19-01-2025 04:21

250119-eyzbjavqdt 7

12-01-2025 11:54

250112-n29q4stmhj 3

12-01-2025 11:48

250112-nylvwa1let 3

Analysis

max time kernel
712s
max time network
713s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
19-01-2025 04:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.pcspecialist.co.uk/?srsltid=AfmBOor5uFGdudswz7qu0F9EVpzGLqGVlHWqBTCjXRGjeeU8JUCFgUNg

Score

7^/10

steam discovery motw phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc
611	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies data under HKEY_USERS 15 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365271"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "46"	LogonUI.exe
Set value (data)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = a6d8ff0076b9ed00429ce3000078d700005a9e000042750000264200f7630c00	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4288567808"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292311040"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292311040"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1"	LogonUI.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent	LogonUI.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10"	LogonUI.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3412	msedge.exe
3412	msedge.exe
2968	msedge.exe
2968	msedge.exe
1196	identity_helper.exe
1196	identity_helper.exe
5820	msedge.exe
5820	msedge.exe
5820	msedge.exe
5820	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 57 IoCs

pid	Process
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe

Suspicious use of FindShellTrayWindow 42 IoCs

pid	Process
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe

Suspicious use of SendNotifyMessage 40 IoCs

pid	Process
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe
2968	msedge.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4320	LogonUI.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2968 wrote to memory of 2332	2968	msedge.exe	82
PID 2968 wrote to memory of 2332	2968	msedge.exe	82
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 4996	2968	msedge.exe	84
PID 2968 wrote to memory of 3412	2968	msedge.exe	85
PID 2968 wrote to memory of 3412	2968	msedge.exe	85
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86
PID 2968 wrote to memory of 4932	2968	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.pcspecialist.co.uk/?srsltid=AfmBOor5uFGdudswz7qu0F9EVpzGLqGVlHWqBTCjXRGjeeU8JUCFgUNg
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe0a3c46f8,0x7ffe0a3c4708,0x7ffe0a3c4718
  2⤵
  PID:2332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
  2⤵
  PID:4996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8
  2⤵
  PID:4932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:1160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3792 /prefetch:1
  2⤵
  PID:1384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
  2⤵
  PID:6056
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3952 /prefetch:8
  2⤵
  PID:1372
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3952 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:5176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
  2⤵
  PID:5472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1
  2⤵
  PID:3876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
  2⤵
  PID:5992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
  2⤵
  PID:6000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
  2⤵
  PID:3224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2208 /prefetch:1
  2⤵
  PID:724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6488 /prefetch:1
  2⤵
  PID:2808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:1
  2⤵
  PID:4172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
  2⤵
  PID:5700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
  2⤵
  PID:5808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4936 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6460 /prefetch:1
  2⤵
  PID:4676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1900 /prefetch:1
  2⤵
  PID:5452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
  2⤵
  PID:4860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5508 /prefetch:8
  2⤵
  PID:5988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6168 /prefetch:1
  2⤵
  PID:6024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5964 /prefetch:1
  2⤵
  PID:4484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1
  2⤵
  PID:4412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3980 /prefetch:8
  2⤵
  PID:4100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5460 /prefetch:8
  2⤵
  PID:5912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6844 /prefetch:8
  2⤵
  PID:3364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6852 /prefetch:8
  2⤵
  PID:2104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6032 /prefetch:8
  2⤵
  PID:1824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
  2⤵
  PID:4444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1740 /prefetch:1
  2⤵
  PID:4012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4764 /prefetch:1
  2⤵
  PID:2024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6364 /prefetch:8
  2⤵
  PID:4712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6784 /prefetch:8
  2⤵
  PID:5160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6712 /prefetch:8
  2⤵
  PID:3984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7452 /prefetch:8
  2⤵
  PID:5660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7484 /prefetch:1
  2⤵
  PID:5708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5968 /prefetch:1
  2⤵
  PID:3476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1228 /prefetch:1
  2⤵
  PID:3036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
  2⤵
  PID:6060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
  2⤵
  PID:2384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6792 /prefetch:1
  2⤵
  PID:5132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1
  2⤵
  PID:5284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7432 /prefetch:1
  2⤵
  PID:1804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
  2⤵
  PID:1328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6968 /prefetch:1
  2⤵
  PID:2664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6304 /prefetch:1
  2⤵
  PID:1876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1
  2⤵
  PID:2308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
  2⤵
  PID:3620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7672 /prefetch:1
  2⤵
  PID:5612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7624 /prefetch:1
  2⤵
  PID:3240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6440 /prefetch:1
  2⤵
  PID:4272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6288 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
  2⤵
  PID:4964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1148 /prefetch:1
  2⤵
  PID:944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7852 /prefetch:1
  2⤵
  PID:924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7980 /prefetch:1
  2⤵
  PID:980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8248 /prefetch:1
  2⤵
  PID:2928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8392 /prefetch:1
  2⤵
  PID:4172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8536 /prefetch:1
  2⤵
  PID:2784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8668 /prefetch:1
  2⤵
  PID:3172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9456 /prefetch:1
  2⤵
  PID:5500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9468 /prefetch:1
  2⤵
  PID:6016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9160 /prefetch:1
  2⤵
  PID:2864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9600 /prefetch:1
  2⤵
  PID:5776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9976 /prefetch:1
  2⤵
  PID:2560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10012 /prefetch:1
  2⤵
  PID:5360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10344 /prefetch:1
  2⤵
  PID:3644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9612 /prefetch:1
  2⤵
  PID:5512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2060,326214597260015003,6838414918266799850,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=10000 /prefetch:8
  2⤵
  PID:5032

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:748

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4308

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
1⤵
PID:764

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x504 0x508
1⤵
PID:632

C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa392a055 /state1:0x41c64e6d
1⤵
- Modifies data under HKEY_USERS
- Suspicious use of SetWindowsHookEx
PID:4320

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b8880802fc2bb880a7a869faa01315b0

SHA1
51d1a3fa2c272f094515675d82150bfce08ee8d3

SHA256
467b8cd4aacac66557712f9843023dcedefcc26efc746f3e44157bc8dac73812

SHA512
e1c6dba2579357ba70de58968b167d2c529534d24bff70568144270c48ac18a48ee2af2d58d78ae741e5a36958fa78a57955bd2456f1df00b781fc1002e123d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ba6ef346187b40694d493da98d5da979

SHA1
643c15bec043f8673943885199bb06cd1652ee37

SHA256
d86eec91f295dfda8ed1c5fa99de426f2fe359282c7ebf67e3a40be739475d73

SHA512
2e6cc97330be8868d4b9c53be7e12c558f6eb1ac2c4080a611ba6c43561d0c5bb4791b8a11a8c2371599f0ba73ed1d9a7a2ea6dee2ae6a080f1912e0cb1f656c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
26KB

MD5
ded1e9fe062432f91b8d4c1e40e20945

SHA1
97476b6b80723cb4b4c137d9e4fd7139a2edeac7

SHA256
d50e8a7e19f00641c52627e92998438a379e1a5c5f59b3bf1da6e60fd24dbea0

SHA512
99b37dbd84101199efb94f76c63df8d49984a10d935bbd5773a08e6d607759c96ca56645c5d06323208377842f4285e1cbfcfafb46d5e78bae389e6a8dc12827

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

Filesize
125KB

MD5
1559f11ca5f570f38058c193e7e726cc

SHA1
e0df06a8c04e2ae428dbde44e3d66023d483f682

SHA256
842765f9c0968d5a47a58f219a49b94ff9e144ec9064cb89c31d886d100ed11b

SHA512
31d4023d15e2b9c870915cdfcf1c5a26b68d09ad769064108b9172acc3216169984121b26b8a76c0c691505c33a3eb6e006dadccbe5db92d630b5a7f46f5c2e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

Filesize
133KB

MD5
b9b2f7839ba535555a0505eae76f02f4

SHA1
afcdc07a2660cdd7129f5cf8b0109a57cd9d8a8c

SHA256
50ab7028a914823958a30d635ee319c749cf3a873e16a3da4b503778f6e3ba8b

SHA512
4c973746bd9b6ee07707b2eae64412b213765d555d26d61192bff1d0b8c85cd463f283792ef4bbdfc801f3eea330462ee67f98f87fcefc54ab340bf7c8a9bd66

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

Filesize
28KB

MD5
1752326ce45c039f4c5e81ea24c27c35

SHA1
4a22a9151c3c94d170cd3d23659e8e1a5a6f0070

SHA256
13dac981c708b9d1c6d7be7666ab5ff34718fe7d1362428217e88c75530774ad

SHA512
7ca5eb8b11184b97b7ecfed373420f7b9926839edcd36ea6bcc37a09190478175c49d7cfdb6dcbf1ecc8f2570feec9a0ac8aae08442fddef7986330043ff2d08

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f

Filesize
30KB

MD5
7808e0e4b7a714230373852158500533

SHA1
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c

SHA256
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054

SHA512
ff9896a0599d770d54b86a875ce98135c5aa077ff19f2be6e075146b8501d92b874361dc8701a18ef4c14ab5400a7a48c928e069e8f05c36d6f6a408b90664f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040

Filesize
209KB

MD5
609753de70d0d0b9556598e19cb2995a

SHA1
36b61164aa726af5ae54287e968f3e9d14dfa00b

SHA256
4612bdcf784c810382afd75e64b162380cdfa11688d4b677ee40b311696a3c98

SHA512
2aa56221a5b724dcab469a55f747b015e318df0aa72e22c0c0a81db7df0f73bdaaeed8643be342af519c6bd4bd79945bb2f4383d1f45c4ec5fabe7d3c1f76f36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000056

Filesize
62KB

MD5
c813a1b87f1651d642cdcad5fca7a7d8

SHA1
0e6628997674a7dfbeb321b59a6e829d0c2f4478

SHA256
df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3

SHA512
af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000057

Filesize
67KB

MD5
69df804d05f8b29a88278b7d582dd279

SHA1
d9560905612cf656d5dd0e741172fb4cd9c60688

SHA256
b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608

SHA512
0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000058

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000059

Filesize
63KB

MD5
226541550a51911c375216f718493f65

SHA1
f6e608468401f9384cabdef45ca19e2afacc84bd

SHA256
caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5

SHA512
2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3814e63fce080855_0

Filesize
255B

MD5
e980cddd98b2939d0aaf9cf5e3350662

SHA1
e5470d806769b4cb32d2e353d66d4bf940aa2e56

SHA256
a9a83f1e6d531bb53f8e28f356369a7db0c42445d5ca3c1ae68fc710d5d699a2

SHA512
98dc4b7d7e652193717c9ce723b45a615a6392a1196fef417675e5ac4b6863541a2fe516952f68dde82deb776e0b14f1778a85d2289e89039c39cd5456f4ad6e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\68beb9628f526b1e_0

Filesize
95KB

MD5
aeca01f79fa0ba309412cbfcc46554b4

SHA1
dc2b7442757c884585909c9c1bf72e12fed0a078

SHA256
24f1fdb03bc18e6380744fe3415fdd3f72c238804befe1b8f189b915ac226672

SHA512
c0b71c51cbb859c839c0cf80c3452dd3e16156c0b3edc80b64f96acec92b8d87521809bfcfe0f80163c52d4f94a9b650b1095f760558439b1a6198baa6ef07f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7b82193a12f727f5_0

Filesize
586KB

MD5
23a32afe197d7a85aa7ab2276ec3dbf9

SHA1
e6f9094964765d476f40873b181860f3f5028f09

SHA256
5aabfe0dc96b24e5d4a05c474d2fcdb01ea0fbb1be170025ffcc3b711dabe206

SHA512
d5033639beff9113b2290d1b2e51f09a03d09a9ef1a023696f5bb9174bb6aaa0e924e1bf6d4162336be674a7f9beb77ba55be1179ca06df3651f286b2ab9be5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\92cefd21fddc9541_0

Filesize
24KB

MD5
65f0ea55271587f283419238ab530c9c

SHA1
6f05a92a54b63edd11e98136c7ba768fb01f3d60

SHA256
1839d6b161d5f6692eabdb6fee2eac2909f3bc439523c60175a83f9d4ffa8b24

SHA512
21133f8e848dd124f5fe06a3320e3f94f2ed7b905c7c0315a112749a7b22abca1f22300b9d3ba92104646626cf1325dd27f7c45b38cf56c440f8e361c2eb6ef6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a5388dd83237d986_0

Filesize
267B

MD5
34d41ebeef2e543b8ecaaf8eb33ec344

SHA1
13061dc4024da3f0353f4f6734ee509792694969

SHA256
7a35589f2593acf25e3adce75e7f067bd197125a9728b6ee1033aa65ebf45173

SHA512
7493b2d22c5f24def746845076a9ce67f1a27659cdb2044a3e5e4bfad440715e45e0d28f912e81d948e93239d403dd060cb2d99e1252e156dacf32ae3df1bcc9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b5726b383e58bb21_0

Filesize
314B

MD5
3e7bee649e8828d34eea2484578265d2

SHA1
191c859866a8465ffa1dd29b3a0c69b899374f67

SHA256
9dfeb7a064958574e5a6e369b022fc43685b1bd960ce59ff4698c779d223cd8c

SHA512
2e8321344e63318ac74c793024576168fcc60172703230a5e80b9fb3b2261f6c2f92a5cc5b2e98501bd25af7eee9213c8b81dd850fe4b84acbac273aa7b2b650

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e41402e25e2abfc3_0

Filesize
429KB

MD5
9f4e04c0a02338a094199103231605a4

SHA1
c19b9b87a007325e8219f83bbf76bac20bf3ceb7

SHA256
5e56be794b696e978b8ad29be866869fcaaf6ff3bc6069b1e31f93344591ba70

SHA512
942095d21ccb8c817e94b9d736f0b19c48f6c0197ead0f3e676abb71e9161e4d825865e8c7ccd8d7f0222c02da0887fcb66e1212801290e1c972937c3c2714b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
2eeeab1ee1b26bedbc6b78615c53979d

SHA1
abe13c4c97ca0582061a0720bab443d002ea3316

SHA256
d2d0f39eb2c609e3a3b1f15d6bfa3c79e40c1cf1d972afbeca4287ce67de81a3

SHA512
30f7fd81e90f643f1e64d6cdf45dd0ba772b0dacfe7cc99ea51447751a297982419da4f4811bc6ad1ddf32e0c157ef48c1cd2542d2187f2818c11a2f50bcdc1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
985998bcc8daed407285ea136ff55c67

SHA1
3cd55b1218f9e1eb18d2fcca757b41aca61fd0d2

SHA256
4bfcd818659a7807772ac2e83f7598d987b0c2c0510121e1114a61ed0c8e08ed

SHA512
f65e026b5e2b5489b5564ac189d3365175039a4bd35504c90add325fa3ee2565f70dd15f87edda11c6766d7c737f74cb5dfc344c55bcf48f5d23730c3ce963b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
428118b3b5480d6c195cedf42766989c

SHA1
86c6a7ebf73748e0a10a6bb61d6cf04f2e363e6d

SHA256
272224ffdeab63de432a380c24d27630a65f736c958716fa89dadf48247a7f9f

SHA512
895a289d24604c2ef0efdf144461d0733643fdb5e93247c4fb583813bc2898686b57ee22403f477699eef07077f5d69dc8dd520d258fc978e5dbd96467fb3982

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
8a0ddbad3be495b1ff65bd1e7afe6179

SHA1
9b940e6e1a88ab235279640a6f0f4aeaa536796c

SHA256
70c8ebd89b85dfc9496750f44177e851c7543ad91af809695239fb6ede5b806b

SHA512
1d68da8d4e26ea6613c398f4c337c74f01eb29cd75e08f9f18c10720d1a3ea3f22fd2ed08495c2bcd99cb86d8a47e3d401c0cb81a48a615a7b9800b89dcfc1cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
42461bfb2503905ef9e151ba33550157

SHA1
783c58b98a642ca2340252cfa6127bbab683fa7e

SHA256
edf6c03c48d9eaf7340b4806cc5c4e14539133a6be9ecaf635679b36e1a59081

SHA512
456b9566158ae43a7a819f75862ca747c636149cccc6965df9f4f01e3331ba62c68dcd727135bd9a7ce3cb764a78755f6ff5e215d422961620864f733f50e89b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
ebfa0b71813b96021e04c812c3a308da

SHA1
fad3da49198a1cbb10529635932856771923ea18

SHA256
1e4cbcf2da0f2893b92bb31a5700a575092247b8304950571627fad331d83a57

SHA512
34cf9b314ed02e874c8fd0200c2dd5f1ca366d53f3154a686fab114a5b2c011d12815e8f92365f2a204685094da56ca90b237f9162a0228ec1ccf60076d4d853

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
65bc163a2743b4e53df2902740987aa6

SHA1
52f845dd903e7dbdab4f616157747580193bb493

SHA256
ff9896b897a0c1b9db9d88c7dea901a5374b3e59c2010122d554d1f790cda383

SHA512
8736f8bd47dbaacf27a0c2eaadedcb32fb05156c4969011f20e210c2144d348bdb50df3b991741607ee4ba3595be1e2b14cbd8cea44f68087d722bc3536b60b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
4e9440cd35eacbac5a311a806218d0f8

SHA1
db26e29c6c409cb9be66e4e07233846031b0e559

SHA256
e055172237ed64c8a723c414f4a61d98ae3ba5378eaec0a1f48d4d647a61436e

SHA512
d730edd6859a6389bd441cdecb87d115386ad8056486d164187dda3c3d5ed0f9d332f945b9513021a4adb3b48a58da9a451ed710e04b2f5a24ffe30b83ced1dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
279a31dea8e68959925f349e007b16e8

SHA1
e285a9a4b2eeb58e4637deeaa3cf53dc15e5a1b6

SHA256
abe05a106e03cd50ce401e6124621eae753a656c9c8a0e5d45c6e98387a39075

SHA512
d89583a8ca5e38d118c48f850a042e8562b154e6aaed269418b3e6d121a52c14115ce9c9c206a62fb4dec374be2a8daebc0fd3d76a1d05a02d4fe696a63171bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\Origins\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
5e1a15b61918d33b0e02f0079d7ab115

SHA1
830d3cfda9f89134923fce150a84298a0507229f

SHA256
166741d1b3e868d9d64fc29dd2b5fab85d59c8d3db31308b650ff107e9f658c4

SHA512
b4bddd9640497b0741d80e259a716b685d9201757d56e5459632b40e049f9a4235145cbc05a76eab5924276c2e31a8f3154642d00e1da3a975dc491f0bd43de7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
707e72e05c29a57317a039498bed6ee3

SHA1
a1efd5616969a77ae59046ada84e1fbb396fdea5

SHA256
533baecad447fe44d3ceed5672deca6430fc1fdbc21a9b9c57b904489ab6f527

SHA512
1852c5693392c3684b4ac505f144bd7a80e6dd08ffa6bda28de9a2f46a507b511a841d159464a700b2d09c8bd498159a1490b25cad33942daa08a5b6c7a6385a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
7d8998b2fe6fe4331e21910c8297898f

SHA1
ddfa883442ce98261d9d133b7a51450df48576dc

SHA256
c4ba0893299831814976a4836f8e1ccffe9bbe6ff99f825f750a17f5f7f5ad56

SHA512
244f29ad6282b2265f60876dd144b3bbf654f3d0be5284bbda185fabdeef4b439be265d8c42535d99e15695dee548dcb09b9bb6e644109e40ea20c630b2f5817

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
17KB

MD5
15d34d7cfaf8699fef70ed4bc85f5f4e

SHA1
66d8b0bfc8863ac71c88868117b18402693d37a4

SHA256
7da7d8adb46aa4a711367173dcad6a919ec49ce66f126beddfa73bb2b3344919

SHA512
dd7a257e7ea234ffc5638ace61470872021e92921ebb12bf5cc678dd05cb1bf03bfa2a267aac76d706a63bdd0d948d610d49687d99ce5eff3a2cb94e3f6a6014

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
f8652efbc5ea62d402c88cea50f08db8

SHA1
fccff43e9d130bde754f9e621292b1263f7b4505

SHA256
d812e2c149272e95eccc85a90353f9d2ff926ac4d806754e599ee62eedb1b4ab

SHA512
fa46aced14dd6ab391b19280ea56f9c172b453e8864218197cb4096fca8897ac490c39db5f82ed663a441655e7c9eff8994f90e877891c052e2a7c3173f62a66

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
16KB

MD5
227a1b6fdb4d65b81e2e0e3221e9204d

SHA1
134e479be5f1b12f06dfe236b4b255e44cb664a7

SHA256
fcc5e709b6d54c12b6370259e8f65a6f28206075a9b40609bd6c4596baa08309

SHA512
efb53975042ba425d9cefefe117a9459f1907cc88b87a42f8a5fa9f858d7f6c3a95a724e0d24393729ee143f1cd57b35ccc95ad7430eb280d5241945d50c6f28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
17KB

MD5
ed427f0fe8568952ee2118297bc10904

SHA1
dee823eca6f723877d3d3bf1b41d2255a3610b9c

SHA256
0245567d68d05149d37a7604642edd2d377aaed99437a13a6a050a817be9541f

SHA512
e298643293ad9103e39be9226b703447d7de440e6868685997a940051612b2e35118379aaad7a877dd19265e098245724454c1ce2c09af4b7d78b36b4b05e6ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
78cba1d3ce3ce0429d5cb13d04069ad9

SHA1
366901ea8861a1a5f19bcd175424f0b93fc3b649

SHA256
aa6ec72f3ff26fd05f14c0f1c518f5e5fe97f724b2dd153a31dca88fdc960942

SHA512
4ee1aa8a67e8a0dd6d56ae0560cdd1f751c13361abfbd38fba610c1cae1544808aa7307c883cb2f264131a39861fc54e67739a58b169408324ca8df4fac1d3ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
462c566187201f5ff848159b534154ad

SHA1
48cd041d6979140835f95fe23f5aa978ae45d322

SHA256
162a3b3d3deefac37e2dcec78299167aa86f04a458d08e63cbc079b3e38dcb46

SHA512
3dd747c8ec88a3f8d9d9dbbcd0026b7250e3cc38931e31aaaccb3e67c886e0daeaaaafe63bd78b9c25721fe5da75e0f29a0a9de01ab2173380964f9b658ef76d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
dd77613c54412bd861f95caf2a29524f

SHA1
dfebf4ff08ce7100bf80f92f237d72b5739577f7

SHA256
52fd7226b168fdc182211aa166225b2e240b141b113bc5a0f79b38c7b3ff81e1

SHA512
63e8ca7d142d1a21b6edc278efeb712b0e9cf203ced41efe06e3df6ba00055788e7f7e7983ccf6c9d87d319ef790fa13c8db5884870bb2cf250e024c59088479

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
8dbdf72607eec43378551fdf508891c6

SHA1
cf1f3bee2c0644f0f43fcfae3513d6743dc25351

SHA256
6e9e4bd7ad429a087c2ecc52369745643a1d6445710ee912f12d6e695dd6acd8

SHA512
e52fd2d91dea73e29d07be3033dd52f98b9d920b13ae2479163a161e0023fe85e17dba468ef8ce252a01097dba69c6e724ba05c2cf4fd493ffa558a88ea58a10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
8168ccca78409678b68ae3d97719b8eb

SHA1
c5f25f84d7efc8b0b39a824ba5c690273061f061

SHA256
9ca4db9cf528d44045c1bf5a9f59d444a9fc56e53ff070a84993cae469e79aa2

SHA512
ffd161637869261b6d49403b5a35d4ab3cef2ff03ba5d8ab5962070b0387b03343e212564cfd35ddbc830623611ec77247d9be4dce12dd91e461541182e48eb6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
58525806746846c8839d5b999f536fed

SHA1
80292ac4088f3f9cdbf02866fc96696a82785e27

SHA256
eb1940a9f5a3307f997bda109eca7d16afa558fd4bcbf2b9605a513cb6677da4

SHA512
eb6ab71291b19f011b117d7a33e9f696fb4645768d90c2eae2344fb572653501ed4d735acb2c1aca4e9a8a68c6648efb0bd9e8f615454c10018a7a205526abb9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
fff323d69e68375224c92cf80fa28bc8

SHA1
1b5107dde7d07a4543677f271cd2f745fac44f52

SHA256
96ad6e913223050da044970c6f3f754abe6c03566403bd02ec90da81568f0f07

SHA512
80dfec354b6b99a5637155750999b2b840629ccbd0bd034f76779a7b8aa3017f90243657818eea20faa65b849cb41ba043f7715a6d1436e8b0988144d3efe207

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
dfb21eac7c1f7f7868e48f94ef868a77

SHA1
7294503c575a4662f7dfb2e8e4bbf16609ff3c11

SHA256
7d47bfd8476765b400e0568ed01fce1b384f1348ea71cdfb03874407bd983da8

SHA512
8a697be22ec1bf113c44e3e0a243f24afdfcec5334c794438fd187ab82311602a849bb80caa3fc06d0a809cb70f1238deca912de98037fa5c73f74f61909ee20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
308a9ad9655c067c8c735da9a1b77443

SHA1
b4ffb72b05a65de61865b48e94f5af3a62b4abdf

SHA256
28bbcae305bb357fac88e2cd4693bbe5ae9283a1a16ffcca75242cd93cbb1963

SHA512
ff0de9c9a081c8329f990b0ccc95973dc140b262b08c03056c559d6c196831f8977ae158470124ac843687754182de504d3886f4d36337e5027cd28d1e4165e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
da0f6b678bca0443a57606c65dcb61c7

SHA1
a75f957edbbfc5b1fe4aaa6a91eb0348bd7b60ec

SHA256
16a083e683271a84f5c6511804e9913285aefd358aaa6e01bc041276ac73a502

SHA512
15f76a9486dd82690f35f1aaad5d78af27f5fde9d1c4c3bec6b694a498057a9ff34fbc501df3224801aa1274cdd146cd6253f66a236d798b2015d50bee06c614

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
788c6b694a627bb1fda8fc6442049945

SHA1
aad94477aec57cfcb822cf4bbb66e9b51ac6657e

SHA256
2ac131602527766efe9c726516588cc7367ba23397e0d47f83939d6a433bdab7

SHA512
12fe157a19c96659bd970efa72dd4735aea284e5a850fe98847491323de9243c907fc3e13effdf41f892656726ad690b0d9c0d2985eb1183ec96a20fcbeba731

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
60bfd1d2ae66a95632589f6c9269b0b8

SHA1
46794d71370b91dd4644eccb11f308e49419e27e

SHA256
324c18d01f7051390ddbd50b4d01dd8c0b3d84bf157c2a241b5a952e28b62190

SHA512
de0f10209636ab65794eb1559f6dff28f4c57058080409f9981384977ec7bd118f58d3e39815c6619f910513f38d4830f70a96b6e5b29d1cba5f26aa1cd26547

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
80707f7e96ef431cab1809d36356405a

SHA1
c8d0f85a8b8f888bd92cb7cd4f070681cfb604fa

SHA256
5a1e64d819a7b2d1b8740b418642a2881c33d68f474a4d536151ad42f2cf5466

SHA512
92623a1706cfd744081b0dbcf14b6c55da2cdbf5e255b22f5f9dc8de1bdc59b9419249ad4981cc7fb140c5d84c60ad28aaa954c6279b09a1770d4ce3959c6bdd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
db4c59b5debd81f669f0c0e7d3db446a

SHA1
2bd9bb9dbb231657acba460c599336544bf1033c

SHA256
f91fd92d27a8038e16e22944f70ebc70f3da48413f99479fba21fdd803484d6d

SHA512
024355f658f4d3d4f3bffee853dc65360c45d86a07924b8fbeff05ec975dbf32477a1d59db3beada301e6fb87d621b7bbbf1ee788db3c09d8d66611b3cc03aab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
a5718f818451a1aeb58342ff3251310b

SHA1
5ad0da99a4376ef90cc64690de200a4804193881

SHA256
f255a8956a9498ad8219a4f82c304ad0a005adb4073e3519d03db63aac8dba85

SHA512
0be0016ac2ad85b4084dd2ed295b4c86e8c9a7984adc8e44954c2009c9c6ab108c1dbaeb1cb918ca4c68fb72a06e3388d95aea44ff8f16ce6364ece7a00cc5fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

Filesize
27KB

MD5
b3d74e42a6c0232ca5ac0ed8c6eff0db

SHA1
fffd7ce8999c63edaa3507a32725e3723dacfebc

SHA256
9b6e3c0a4f8ef1d51a5a9e7beafd8c6965ba2912a7d7954873fd098b48692ed0

SHA512
da0be6fef75eececaa0c8c0fa143de14e37393b9e136397134d327b6d2d83a5c88f36d96123cf4dc9ebab31d54f95a3e8ddbad5ecfc30a0ee6c791ec91192cc9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

Filesize
64KB

MD5
f1956ecbcbbd2be6e05f87f3a21415db

SHA1
029e566988239d42886ce1f3c00a68f841afa724

SHA256
d5e21b72b5ab75ec47d38545213a76ceae72515d07b6e2a339d6d92ee4c6fb11

SHA512
78f1638db6652b3dda8f8183b8d6ceaf6bb40e22895169abb10db7cb34b1afb565bb0b8239f9cc28bd63db544ee8ef049832023d93bb15aa1a6a197773618a58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
782b755026fbcb4642518d98335464b5

SHA1
6347f0e0c7213dd5af3ac4b8728afd39224d51dc

SHA256
86423ed073bc777497f66777ee388ffef2f4bddad333d7b96cada0331fdd1b0a

SHA512
e37f4f1c21bddcfec296c5c40fadfad5acf98147fbec7d77aa9e5d292aaaf54eba7f396d358c9251d8fd988dd7739b23b1ed529e725e997f14a0b21be7245e82

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57dd7f.TMP

Filesize
48B

MD5
43dfcd033b0334f4d10b2cdfaf47d182

SHA1
d793fcc1a5143293a6331175d790d4f347f92d54

SHA256
3e0d222d511632eb75a91420ef5754c6a01ac8cf4287d65ec226e4d74e3f654f

SHA512
58f327c1a3c1c87eb1723a9a5e36daaef33f68e2be4137cc93ef6fe22a52f28f561a9535b776862bf526c98e41581b28ebb2a9fd73809c1c59e25e36d583d1ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
b8589317b8ae807c7f1e58f47370f1aa

SHA1
34a16bc522ac2365d5454bf5c7c2b86caf7e6c05

SHA256
8ebdb2906c2273169bb41175265d9c800215e2d1a699dadf46d049d9d6e7b6e3

SHA512
f674057e6ed04562db33afbd665709548405165c35e6ff25e39dd46ef7ca97529bdd8f556ece60c6b39937f4f1800c42a28bcffd2d98e7ef905d07bb92a85985

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
0ea972714cda3c76032754b0f126fef1

SHA1
bc4cbdcfba16a1e5c4be9fc5bc6913f2fcedcb40

SHA256
d6e224b2f2c68e11142e5b6973f39435c1abd8ca16b32cde9524313e1f6a3faf

SHA512
08460e55ace8964ea8cd72bd22ff48ba5dffe638ae459a06a0ce2d974c7335b271f4476af998753172fc19568c19186a78d9330bb727010d643c26402223f478

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
8ef1e780e4f816c53457ab3ec413fc32

SHA1
3e40290d45050c130ba43fbd45319a5f6e2300ae

SHA256
fd1cf62bf80c8daccd12b8eca8a9def18b80647dd2b1f3a0fbbf3753d574309d

SHA512
4f695c9e0f96fdb3d63e84902f886241c84f5f419f2081b50ce17fd7ceb60f3889935f4530325dcacb9024be9efff527fcb4990c05f9bc3e1b3972746dba1d77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
2d92e038cdb38acf9fe20080bb13334f

SHA1
a26d7663e0474ce810fed91d33a8aed202f20024

SHA256
4b14ccac35dc84edc9d8861b9b7cc9e855fda6a2b9452abc4d048ab78356ebb4

SHA512
3d00ab668e2134ba0a8fa116cea32314eee6dc79e38df65aef028d3f573f74e7c8a600a661c44e64d35f916cd776abf1e566f546cf0906cf429afabf67369b7f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e6803274707c68a3d24b0110dd80b0be

SHA1
929411e7d008af7f8dcab7ca633bcf50ba51509f

SHA256
a9fef3ccad45d07851a3cab4e48c32528747e5a4eface0386ad1d387e1d6468f

SHA512
4a7c41d273630fb233397154b658d7299e68372d978b1c7968660f95c9a115adcd554734bdfdfb5e213f9dc72f8207a7fcb8978f668744b3049b5914d256f22c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
0cc42dcb2e31a933ebd8aae830d4956c

SHA1
ed90fd5ac264b8d11ef38d53246dc886d52b7480

SHA256
f04af0fd46d85f1b88d53425b568b0ecc9cc76c835e011b4e28b531eb42943ee

SHA512
616e2f16381f95f6c08d135362676ccdce1f75d98c686bfd6a73a9d67a3fb6295e1847d3d68c5fc4c10808a83e047a4ce0cc9d7901bd8168ae2cd983eac58b15

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
13f41287d38eb611accf10aaa9056587

SHA1
0b34f2d1bb7b51fe8f6027ab5e4a88cc1365034c

SHA256
fb653c319a5bf6736d80591700544fdb817c41f6aa9ce114d30658a47a981d26

SHA512
9f887b77bc1d5cbf59f5eb4cb00dfb68bd548c64ff4b649cee0c0d30594853cfe3b58b23c47ea238fb6d01b7556634f5b52557846d86f6ec6e2f244cfcfae25d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
d9510b2e8fb797fe5fd1476c58fa34ce

SHA1
6ad573dcefb1f9c33e831b53c9ffacc9c5c9b9ea

SHA256
34f3a5c5b7c50c6e12e1f5c83c89e48bd1c457fa35b5a39da13f43c50d16df7a

SHA512
d477ba2039f671b8077741737bc5a3d9134a23276a64bcea97e278f12cca624b5d086e878c85dd383639c62b2544f49875994a6f0f2c765172506041b37ebed5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
27a4b1b8b7b77acc192ec767112a2328

SHA1
fd9095ef234b022f5871b7e8c24a915072b3f27f

SHA256
ae44dd09272f19fceaafa0fe78ba62c821becbe643816b762d9e3e8a34a87944

SHA512
fdb0e72beb7e7123adcbd10cc1849786a4ae5842f9f9a76c32c543a5e6b7611211160b0a68e4ce43d7e53c19915bb984113ec93b5353d591c090313e2ea07e12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
c5ae0f98f7d98a4ecc9dd95abf0d26d8

SHA1
c932e0d52d0e03330db5704bbe3e0810f643855c

SHA256
421589cd1b2dc714467f313d525f6e414ed3f4b25910b94b48af40be3b5c97e0

SHA512
95bd51614f820b7a4cb63cb9f8fe8c5b4a5b924ce19bd0b6a1d29f2585f3ec8719581a815d7b9dd5226d7f6b24fbdd598e0a118d78bd2e00267177957e25d550

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
cea516814f539ea578f0f1355f549f9d

SHA1
41b3ef893750c9d3c9626eb648fa20b3f62a4bed

SHA256
00a48e77f5219e0c0735f5e64cfb441b2ec9cf4dea06e490745130cca933c655

SHA512
e8a9f7e1ad25706a403cfa58fb5403bb8f5749b15d9ed4ca99f472fcc9de6674ab4a32b51dd9f2f82e0181c788cb77d197a657f65ba32ad592ca61a13af44f4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
b6f75fee6f2d3b873cc884c732c0a73f

SHA1
382de6733653a87845471d10089399373882470b

SHA256
2e3e139891dee0f487012ff670258df5085146d6aacc1836cf0255fc85bfba01

SHA512
b40660526aeb82e61994522f80a01bd1046e6bbb2d41ee6ffe3f306f53fe55e85fb9acfa16f47c5279167764c0afe8338ac6408d951d5c064c1490e4cd0382cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e729713eea618eef988b6f837b39f550

SHA1
6b325743289f474a6cdffc49bea45e1cf8ccf46d

SHA256
374b0610f832aadc4c979e56ce67e3e792210e09a27e56c14b88afbd6277b0ed

SHA512
29728b87a4efba0e36c5f0cb9e99a3cce05fc48cf0b096720a74f84b9b8fe950ecfab52f418679ee5f5e8d857d3b95810f82935dda526e0c29686dcc4d08bc36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
5fd1b57d7c9ccc25f420536ad01f4b26

SHA1
cf7a04fd8a33e7c8e70479c3bd2e95c0302edbed

SHA256
d337e4db8b373c4cd8cbca8bf3646b09a937fe2f0406bb39dc3e449391a5c8e1

SHA512
0a7fcc6f86c7ce81848865fd2570adc79662c6e1b4f046c39bc7e83c169444df2337c8cfceff4ad19b47e453939cf9344d1ecb49436115f8904eeab8fd0ae190

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
2a999bf298890e3e940711de2461b745

SHA1
817c69d55d3098ddd8bd432feb82ef1e1341fe80

SHA256
1a788cb73a2dc9415e1e2d79b487ad5efa8822d3979538dad114d10f11fb9b5d

SHA512
9ba2ca778d5b4c106e67e2236067f66eac7e836c4d5ccaa9651a1b5daf4b3f37dcdecf24266143a49bbd4aac7c243c36a879b52fee0452d10e463a3fa5a3a4f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
da663ad819c5a14c3b28beb0c6796577

SHA1
84d834334a0fe12219a1400b6bdcf38dd3371d92

SHA256
f4b62fc50e4654846d3dee195193dd5b3f4aeb2b6d82b9ee2e2e299682d80ed2

SHA512
5b7ab903b8c482b9a781b5788873d37062e709a8d4ea84d2916eb5b2f57c9026a9fe977694322438529e9d184b49117f68d6f0a38d001cf4432fa4571101d834

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
d6ffef45f757bdd35cb7aac588fc17e9

SHA1
2841faeb51d79dd50ed7dd9a9a3ec8cdeb868447

SHA256
d2a8dced619c68171a769c3d49484b414089791c95a81ec322211f6af3f41d0b

SHA512
6b6dfaf6b9204c05f8de0c0d4f78b47666cdc5f3ee8e5af6ab4ed39dafe953619f424906db6bfac1d781492995e882209478e6c25b20ec43a35887ad63daa05d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
46e9b6614d17b1b2fa8c727c8ecb0aef

SHA1
ed6a7c7e15b1b1532c67ebd06b890f18b97ff84d

SHA256
1d114ad9d72db03c3561b1b7f4ecf948387d4690635e03c2b3973fc309e4a61a

SHA512
710b5a8d8394cf00a8bd3cec6ae45923db20ca6654d9bd2444870f6d8ff056b5ad211efa74a254bf8a0c469febee74ffe1ce97aa0e71208406d54bdae1e02d38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
3e5ed2302ed6d9e18c9d7b505547bc2e

SHA1
d2794e13da4822cf40cfd8b320cab4857989cfc9

SHA256
276deea2f8a1e7ac184b13bda28242dce6d9715f66feec280c7f22934600256d

SHA512
0aba0f40092ac87359cd51f4e11a32524719081287ff56fec61b1659bf08f2b8411a831c6bd3da4787809e8ceb39a9e266d5a5f1e4060f3212faa6b893670f90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
13993fbc4676d11f8423c9f0bab2de60

SHA1
421cc964eb069ec4c3389653eea449394a5c5d8f

SHA256
b37e6b5cb2137a837a0842a352f6268a70f1355eeae05f34fd65950fab0836bb

SHA512
1a74edb5b882eca39ae84815a9ba0272f19f6d015e0f3dbb04c1afe8ceb70bb1a7a62551c5d293a9d0c545e5a0683d6300117047f873ffeec87139ffd83d5f01

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
36633f47168667dd78ecbfc80795c74a

SHA1
e5f4233f6212a08ba4119eb73f43d461dc7e38b2

SHA256
87bb150d23e80e62d9b26948addae487df16396998d90b7a7337b7f6c1ca3605

SHA512
87b054408e149f04f0106821ff0e44e14b2f2229c6126a95e5941277bef43e013b4d8f69a33ba67f5e1d453e0411acca3eedafca9c9c970e0ca5fa2c75fef53c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
537B

MD5
f70b6a913d742210ae292bc93c47fe01

SHA1
ab39ba08519a8480b6395a1df70b3c322a0ad81c

SHA256
887b10a9149d669b10bcd5da7322140757cd0c5510b5db9362d379e6a918c45d

SHA512
f9b9d72d188a4c1622e5a88f25a527340673f5da93e306d98ce6b64e9ceb2b6aae96a3c10a762c00091d7a8a294c6e75c92f8c3746fd9c66cf08e6549bbbc919

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
6df5ba55e405849c3c15956a9b8dee04

SHA1
fc94f96234e26d1c02c86a32787621c58505964f

SHA256
f22af9efb68ac7567eb14412827a42f711524e22da5b445df06bf0d8c09b847f

SHA512
f63f438ca80774fa2594c20a2539c9760cfa0b5e63abe4db54bc7c8cfb82b0dd4f906bdb0d28126c1e45f47fa7d9466d79b396b15c89cba51e4b6b0f03f0c2e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
bd15886e289967d5d0b8948b8212fb4f

SHA1
8dbed0507c73493884ef83717f9cfc9bdf5876fe

SHA256
12f9c553733b8af99b821f1d0fa40c8fbeb69a028d388f7fbd1e79446ebf017f

SHA512
0843e908f8d5601904bdc0abf34fe0692546b9d9a37b922ab24ee0cd27deaf6280e97e41441dbbfb7b0db753f380cd5213774510fe448c17d0d6294753bd8fd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
91f079ad493ec3dc2039d0108e45ce6d

SHA1
f12741c239eeb209472133aa457a20fbf01d3445

SHA256
e60b2d908e57585ef76020fa2d5f03f73175ccb2099eff42fafebf59235af136

SHA512
e036d53beda25903bccd08a9b1550c20204d732ba600a9dc37f2e258541a74c6c4607728958dd55e41e8bdba2298c07db17fe2b71173b551327c611eb3889903

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
33e4b4d20e8d61596980868ee363d105

SHA1
53e69cacdf1882dde9bf2951552686fe26f258b3

SHA256
7507271d14911dbf235e21a07c8ba2230f4c4b4e953308d50cbfa4a83d0c2c3f

SHA512
86fa95cf67ecdf9bc43d07c03af0b40ef62fd1bef571190c23367876675e753b4f7b0755669aea84a8233d32e4fed3df536d9316439814e36152656747aa8dcf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe583f46.TMP

Filesize
537B

MD5
2186000d9206e72061c3873f440e1725

SHA1
fd698e95f5c4bcaf9ae7eafa286762b0ea1eaf5c

SHA256
55c3f9eea40c0b6f3abffd18761857124bb60ee721a5eb2d829970412ee96785

SHA512
9aa508cc10f0dbe1b2577902a73abb38e28d0ede23a50a4698ff074541ddca60d708558d85e97b5d63c9533aa45e7475e5a30982f27438ddcb8230ad213d68a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\e5b912e9-2696-42a1-8781-76950974df33.tmp

Filesize
5KB

MD5
aef8500369f31b3b3c9e92ac25f251f1

SHA1
fb6b30a05e027094708af638f2d1070cfd2091b1

SHA256
bd2274935a5d380c5b05f166d559c90db7af57a2904e4ad36ec8a3d55bbd4371

SHA512
b9ad4e4bffd075037e6deb9237d90be097c7d1aa0d60a6a5d32beb9d4a0e3d08ff6f2a4d0f6fc963a219cf70c38fdb7ffe9d7f05e55cd9a1cc2d956250ef5545

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
9ed648316a92ff6e5935c945bfaa6798

SHA1
308d8b959dff715c480f98d1cc045482bba3aa6b

SHA256
1ea7d6bbeb89672032239c45b1483c6a20c5f7347578079357229651aff625f8

SHA512
70e6f3abd48bfafc36db77180cc9e9109c06e736a197c3d9e669ad2e52f3541e41006f6ab4416288a3f7e37d5bbfe06a6cc9dd2559211da7466a09a105009910

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit