hxxps://half-life-2[.]en[.]softonic[.]com/

Analysis

max time kernel
340s
max time network
343s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
24-01-2025 07:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://half-life-2.en.softonic.com/

Score

6^/10

steam discovery motw phishing

Malware Config

Signatures

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc
158	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	DllHost.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies registry class 5 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\Local Settings\MuiCache	BackgroundTransferHost.exe
Key created	\REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Content\CachePrefix	BackgroundTransferHost.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	BackgroundTransferHost.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\History\CachePrefix = "Visited:"	BackgroundTransferHost.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
4368	msedge.exe
4368	msedge.exe
2148	msedge.exe
2148	msedge.exe
4592	identity_helper.exe
4592	identity_helper.exe
5704	msedge.exe
5704	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe
1072	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe
2148	msedge.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3268	MiniSearchHost.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2148 wrote to memory of 1384	2148	msedge.exe	77
PID 2148 wrote to memory of 1384	2148	msedge.exe	77
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 3320	2148	msedge.exe	78
PID 2148 wrote to memory of 4368	2148	msedge.exe	79
PID 2148 wrote to memory of 4368	2148	msedge.exe	79
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80
PID 2148 wrote to memory of 4636	2148	msedge.exe	80

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://half-life-2.en.softonic.com/
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc3bd03cb8,0x7ffc3bd03cc8,0x7ffc3bd03cd8
  2⤵
  PID:1384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1908 /prefetch:2
  2⤵
  PID:3320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2712 /prefetch:8
  2⤵
  PID:4636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
  2⤵
  PID:4268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1
  2⤵
  PID:1536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
  2⤵
  PID:3376
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5964 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
  2⤵
  PID:4620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:4588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
  2⤵
  PID:3240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6584 /prefetch:1
  2⤵
  PID:1572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1
  2⤵
  PID:1516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6824 /prefetch:1
  2⤵
  PID:3204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
  2⤵
  PID:1448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6424 /prefetch:1
  2⤵
  PID:580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
  2⤵
  PID:800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
  2⤵
  PID:1872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1
  2⤵
  PID:1220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7132 /prefetch:1
  2⤵
  PID:4680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7660 /prefetch:1
  2⤵
  PID:5152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7836 /prefetch:1
  2⤵
  PID:5228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7908 /prefetch:1
  2⤵
  PID:5240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8260 /prefetch:1
  2⤵
  PID:5248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8460 /prefetch:1
  2⤵
  PID:5384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8676 /prefetch:1
  2⤵
  PID:5468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7964 /prefetch:1
  2⤵
  PID:5696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5816 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7956 /prefetch:1
  2⤵
  PID:5720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7980 /prefetch:1
  2⤵
  PID:5852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6160 /prefetch:1
  2⤵
  PID:5468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6876 /prefetch:1
  2⤵
  PID:5908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1
  2⤵
  PID:1872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7864 /prefetch:1
  2⤵
  PID:5176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7276 /prefetch:1
  2⤵
  PID:5680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8000 /prefetch:1
  2⤵
  PID:5868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7100 /prefetch:1
  2⤵
  PID:5584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8784 /prefetch:1
  2⤵
  PID:904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8768 /prefetch:1
  2⤵
  PID:2476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8756 /prefetch:1
  2⤵
  PID:2000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9072 /prefetch:1
  2⤵
  PID:1700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9088 /prefetch:1
  2⤵
  PID:2076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9192 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=8276 /prefetch:8
  2⤵
  PID:5812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7372 /prefetch:1
  2⤵
  PID:2544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8628 /prefetch:1
  2⤵
  PID:5192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1
  2⤵
  PID:6028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8044 /prefetch:1
  2⤵
  PID:6032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7180 /prefetch:1
  2⤵
  PID:6020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8956 /prefetch:1
  2⤵
  PID:6016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7460 /prefetch:1
  2⤵
  PID:3900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6188 /prefetch:1
  2⤵
  PID:6040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1
  2⤵
  PID:4964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:1
  2⤵
  PID:5140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6288 /prefetch:1
  2⤵
  PID:5656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7668 /prefetch:1
  2⤵
  PID:5740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9352 /prefetch:1
  2⤵
  PID:5004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9280 /prefetch:1
  2⤵
  PID:6132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8700 /prefetch:1
  2⤵
  PID:6048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1176 /prefetch:1
  2⤵
  PID:5180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9380 /prefetch:1
  2⤵
  PID:3780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
  2⤵
  PID:5960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
  2⤵
  PID:4760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
  2⤵
  PID:5212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8528 /prefetch:1
  2⤵
  PID:6132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7460 /prefetch:1
  2⤵
  PID:5400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1716 /prefetch:1
  2⤵
  PID:5584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1
  2⤵
  PID:4552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8544 /prefetch:1
  2⤵
  PID:764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1692 /prefetch:1
  2⤵
  PID:2328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
  2⤵
  PID:1644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1
  2⤵
  PID:3152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7260 /prefetch:1
  2⤵
  PID:3672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7464 /prefetch:1
  2⤵
  PID:6056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
  2⤵
  PID:5720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7808 /prefetch:1
  2⤵
  PID:6140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7656 /prefetch:1
  2⤵
  PID:5908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8128 /prefetch:1
  2⤵
  PID:5204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7040 /prefetch:1
  2⤵
  PID:840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8136 /prefetch:1
  2⤵
  PID:1868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
  2⤵
  PID:2380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7048 /prefetch:1
  2⤵
  PID:5620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7372 /prefetch:1
  2⤵
  PID:4684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=8688 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9328 /prefetch:1
  2⤵
  PID:5260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,18218502661966557500,8229574810795047341,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6764 /prefetch:1
  2⤵
  PID:5720

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:764

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4520

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E0 0x00000000000004D0
1⤵
PID:4104

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3268

C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
1⤵
- System Location Discovery: System Language Discovery
PID:6124

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,Control_RunDLL C:\Windows\System32\srchadmin.dll ,
1⤵
PID:3992

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,Control_RunDLL C:\Windows\System32\srchadmin.dll ,
1⤵
PID:3468

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,Control_RunDLL C:\Windows\System32\srchadmin.dll ,
1⤵
PID:3240

C:\Windows\system32\BackgroundTransferHost.exe
"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13
1⤵
- Modifies registry class
PID:5532

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
3d68c7edc2a288ee58e6629398bb9f7c

SHA1
6c1909dea9321c55cae38b8f16bd9d67822e2e51

SHA256
dfd733ed3cf4fb59f2041f82fdf676973783ffa75b9acca095609c7d4f73587b

SHA512
0eda66a07ec4cdb46b0f27d6c8cc157415d803af610b7430adac19547e121f380b9c6a2840f90fe49eaea9b48fa16079d93833c2bcf4b85e3c401d90d464ad2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c03d23a8155753f5a936bd7195e475bc

SHA1
cdf47f410a3ec000e84be83a3216b54331679d63

SHA256
6f5f7996d9b0e131dc2fec84859b7a8597c11a67dd41bdb5a5ef21a46e1ae0ca

SHA512
6ea9a631b454d7e795ec6161e08dbe388699012dbbc9c8cfdf73175a0ecd51204d45cf28a6f1706c8d5f1780666d95e46e4bc27752da9a9d289304f1d97c2f41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
17KB

MD5
29b8ae1d50ef8543dcebf4e9f53089ef

SHA1
90297279de99683b3903534459bc9962924d79fa

SHA256
2dcbd24e8f78b008251a1a0499c981a79be59fdf154ff9938a28ecb7e64cf12d

SHA512
6de295089b62bd50ff955c2e381be6bb0e59b1f0776946c5d3b5109fffb84ee2a673f49d2d5a56e5600d3b09fd8e9cecbcd0e677234a6f96c1194dd1e1c27c94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
20KB

MD5
53c586a5a2e0e782493c4a650f725ad9

SHA1
432613a19a1f59b003a88d9818a6f16183ae5f14

SHA256
2139c9382afa8175a5fa0fe7bb616b8efacc4a2dc948d929ee17e482f765deab

SHA512
dec372f1e592f5d4e63498fab90fb059b2802de9938f2d00fcb42d28d24a2cd506ed274fb74e4a4d42179d4ce075f97d14935643f0e66f3c514f44ecad17ae0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
103KB

MD5
c12602b8ebdfd5ea5113f42ee978d526

SHA1
1159db5c354e5c9a73b2e072b3c0c5d02f3ff07b

SHA256
412aad14e7b55e51c4c56a88949c8f5ac81e06bd1d9b23da4378b1d9711a0794

SHA512
00ba76a1f0f08c969a96f4418c158d482eba611fa5984cec234ded9c7a1aa2e9e4dc2a69816c2940783289767212ac729cb7b3ae4cd002f772a5dc5d45bce3db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
33KB

MD5
1bb6cca0e8d41d4ff1e244852154e68e

SHA1
9ffa5a16b870b74d7d17249ab53526167ca29065

SHA256
a8aa0ad779200a374d4b70a598590a284c2a7d18a493c6d46779128ce24728d4

SHA512
6cc2d61358f2aff6c5c5c47dbcaa884cc54dad02b19a9174eeeb8fa6ab547cc633eccf2eb204690cc39762508f26d698f811aefc56ec668092e749bdfd9cb7aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
152KB

MD5
5b9575b8540a93077af0044a4029a6ce

SHA1
6d39505b15f6660360689659f95a7f45ab5a0376

SHA256
7604e7a5083658ccd148e8c1c0d6ce4709d4d398d0fc7f209afedeb9468343af

SHA512
e9885c60d45bbd21de7f1cd276e92b82071a1e51097ecf21a5d95f0987bec8a403f5b7b8d0498bfdfaf301953a83b80bd070e287d532d82d0ff21606a23bff55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
94KB

MD5
d09dbf955d1444b09a79fa3f08306a60

SHA1
bbdf1338a4cd554373a8584e31d2b965ccf0de85

SHA256
7080800fc6260648168b640725a4df3c73021545915f4c7ca27d6d4f63cf1261

SHA512
35c6090f73b11c5c6c9f9dd1a0762528770ea92dc5c57584ba5510e8f2a2f4c396b597b950a9c243c8dcbff187ed16c84b0a74467b04fcf2e985f9b1ccdecb86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
21KB

MD5
43aae636c1198da1d475a245d2d9acf2

SHA1
ce45559167d95ec6dde5903fbd0fabed62ce5478

SHA256
9b65fa7ed0b5f478acf87370e34b5d98f77712fceb1caff78d394c98f30e5f78

SHA512
deb696c6f017c30d7f5f75e1fa0671c6594c9a24882764e0bcb923626ed1c0ecb932e6ceac4121bb355944350273a42867186ae6020d0680919528ffd10cb74d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
28KB

MD5
1752326ce45c039f4c5e81ea24c27c35

SHA1
4a22a9151c3c94d170cd3d23659e8e1a5a6f0070

SHA256
13dac981c708b9d1c6d7be7666ab5ff34718fe7d1362428217e88c75530774ad

SHA512
7ca5eb8b11184b97b7ecfed373420f7b9926839edcd36ea6bcc37a09190478175c49d7cfdb6dcbf1ecc8f2570feec9a0ac8aae08442fddef7986330043ff2d08

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
155KB

MD5
eddb5c145aae9077fc75d4cdf108de65

SHA1
a47cdcca48c57f0591eb7bd2268999736b7a72d8

SHA256
f1bd58ce8b4191d93e23bd138a5b7859f721947f5296d7d83ee130dcb29fdd62

SHA512
91c201f88391ba2d1dfe96519d5b34edef662d04cfc0f9e78f8dda203b99d46b23f06149225ff634233a05093824096fb5a7d9db64241fa7e90cd1cebf5f6517

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
92KB

MD5
a7ba7ee929d9de1119ae6af01edabc85

SHA1
b37d19c914d5b6ebd931b2f932b0e476c2505b80

SHA256
753f9878c976ddb9cf03e08d4040bcb71bfc70734a16b6103c305759a79ea18e

SHA512
6ed77fd623158a74819f320d21ee82561b0174b04526f08d7c9f8f9b136a2749406bc222c377dd093aa7aaff9c00d1077a9e11ba688ae068371d44c4e3cbd95f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
155KB

MD5
10a933ab55624488b948d4826026b95f

SHA1
388d4dda9fff21372b7ed88993a394ecab274ff3

SHA256
2891a30a522da8283de9b8a483e46c2511de625036fbdd533316b85a4cfaa836

SHA512
90657231961cd791729e2f3e60e7046a2d54b1fae3cd59227abce2a57a7b7ad625f8208dde0b5bd853d9ed7e7d105c31293ab53e656922d96ea16fb0b3650873

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
86KB

MD5
dc17aa9b308492f1c728248533751c83

SHA1
c04b0940cd4feaf27183432a6b72748b7d5399c2

SHA256
629ff371e2ec183d1fce856f6d323571602cb8c54349b5ee73d569a6d17dbb3e

SHA512
c7a97a17da037d8cf6923507f493093187ca165dd30bef9b0e9b07c39c2bccd2052a8115116fade18887340679b254a5caf7827637617e451d9029ce3807e451

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
20KB

MD5
be6fbc7eb601cef8bb3cbff1a8149b7c

SHA1
9b1419cd42bd7eb8c5d52d069509e9796dcb4002

SHA256
b27522359460e897ec824d300b042481cf67bbb68cb781b12935825d49ee34d6

SHA512
20d1e661881e386c45d01fd049d18a17b8aa76cec415ed7b47a43637332b7fa8837f8f154d97b9ee60473a0ecd1512a7e796c516322fb259d98ed4d364d6be59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
92KB

MD5
84fc524cad54ace024daa471d20cc110

SHA1
ec9ec6b2e426636dc4ec581aea67b300904ad55b

SHA256
4ac1d3131d57d4661a70fc290328eec25906d3ebe90bd7e8f0af7f1001b82e75

SHA512
14beef7966f160617bc52fc9b6d6598f2db69277eccbf460109a567648f0754829603f819bf4e9672a749999b077b9eaea1b0f50155b5a242d3b20728d8f1efd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
28KB

MD5
a762fb5a64dec4556d980f51ff3060c9

SHA1
6ac0b291cbbd8819e9a922c9c5228f76ad029983

SHA256
cfbdf62609fb4493b45b6b7a9a13c5357ab5e7447c606d9fd707dbca46359a54

SHA512
23169bb323a788ccdb915dac2a8d8c58b018c40941f2c7b10a3814a68b42ad3694d07d23e2eef31d77a7c16da355c98d796b94f82b8f352aa4825ec0c3e08b55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
48KB

MD5
31a2fb03fda5128f277eb054f6e33165

SHA1
ecfa1072af26f42629ff96770af1a322dbd3075c

SHA256
333dd1d27c0fe34ee781418c1a916f0ee052b7429548a198af724d272c943a42

SHA512
f346c9c90bd4b40f72dff9b89c6b2887d977f25087d66533d259e4f8475c677fec8a272c8c94bf3a9b866c5b1c98bd392f4703b91902d87a96a1ab1e554bd012

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

Filesize
20KB

MD5
d8ff006363de5d28efc4bc41cddd6c7a

SHA1
b4950449bfcfde423c8fecc368257dcf2a346258

SHA256
0f2f2c4216f85517ab2f608010108f32416a23607fbaaf4e2294379073fae161

SHA512
11ad965b3eb86c073d96c808eb4b4fae5f6eafcf9ff0bccb74cf1aec7fc47154bdc16b2cd436a3c8ae069502b37ee24af78176344af0b6aa7b8de4e8896aa045

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

Filesize
66KB

MD5
f53b6d474350dce73f4fdc90c7b04899

SHA1
b06ca246301a6aea038956d48b48e842d893c05a

SHA256
28442a56b016bfade0e368929138aaaadfc36156734e8ec7a6325b3e58fddc25

SHA512
7f275614052ebae8876ad28fc5d48e4f63ed9ebc610ed981f81377ea3ba4c49a2031ff771deb12adabcf33d4789ba35354c1e52524c067a9e7ce078703683f1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

Filesize
20KB

MD5
b07da7aa3e4f363c5cdbc11312239e8c

SHA1
47bf5b2f24ea4a4caafccc89b9d2a6677ef9e3b8

SHA256
e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa

SHA512
420729406b315d8af34b62b78f39e763f5cf33cbf94467457b393fde0573dd7ffc6a23f25680988f9b82a4a3b719876ff76f3e1db047ce82615f544fc3a82532

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

Filesize
215KB

MD5
7b49e7ed72d5c3ab75ea4aa12182314a

SHA1
1338fc8f099438e5465615ace45c245450f98c84

SHA256
747c584047f6a46912d5c5354b6186e04ea24cf61246a89c57077faf96679db6

SHA512
6edf4594e2b850f3ede5a68738e6482dd6e9a5312bffa61b053312aa383df787641f6747ac91fa71bb80c51ed52a0c23cc911f063cd6e322d9a1210aea64e985

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

Filesize
41KB

MD5
4a686349993965721f090d158a10a6c4

SHA1
fb0f61ba49cfd7e213111690b7753baf3fcce583

SHA256
65451d12c37acf751e9f4732e9f9f217149b41eebad5b9028eac8bd8d2d46d8f

SHA512
0dc571487fd798b62678378c2dd514fb439f6c131637d244c8c3dd48d5e84267d21fe633c5b20578e621d5e8fe2958c5e58bc18ebe2d4731b18669fec4031489

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000095

Filesize
47KB

MD5
0d89f546ebdd5c3eaa275ff1f898174a

SHA1
339ab928a1a5699b3b0c74087baa3ea08ecd59f5

SHA256
939eb90252495d3af66d9ec34c799a5f1b0fc10422a150cf57fc0cd302865a3e

SHA512
26edc1659325b1c5cf6e3f3cd9a38cd696f67c4a7c2d91a5839e8dcbb64c4f8e9ce3222e0f69d860d088c4be01b69da676bdc4517de141f8b551774909c30690

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000096

Filesize
67KB

MD5
69df804d05f8b29a88278b7d582dd279

SHA1
d9560905612cf656d5dd0e741172fb4cd9c60688

SHA256
b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608

SHA512
0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000097

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000098

Filesize
19KB

MD5
1bd4ae71ef8e69ad4b5ffd8dc7d2dcb5

SHA1
6dd8803e59949c985d6a9df2f26c833041a5178c

SHA256
af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725

SHA512
b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000099

Filesize
63KB

MD5
226541550a51911c375216f718493f65

SHA1
f6e608468401f9384cabdef45ca19e2afacc84bd

SHA256
caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5

SHA512
2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009b

Filesize
26KB

MD5
8ce06435dd74849daee31c8ab278ce07

SHA1
a8e754c3a39e0f1056044cbdb743a144bdf25564

SHA256
303074dab603456b6ed26e7e6e667d52c89ab16e6db5e6a9339205ce1f6c1709

SHA512
49e99bffcdf02cfe8cef0e8ef4b121c75d365ab0bbc67c3a3af4cf199cc46e27ab2a9fdf32590697b15b0a58ee2b7a433fe962455cf91f9a404e891e73a26f59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a4

Filesize
60KB

MD5
702819f8a9a39563e05d145e473c0fd9

SHA1
b36c4ae38a4da6e7ba22bd04307763cf99fbc759

SHA256
6ee45a6a9e396d5bcfa5325d9b5d9006146f66772763296473b603b4e4519a14

SHA512
ee163d9d5966fd8ff081253da011030bb27fdc8f8ac23c7bbd5d5736b434e0cf9c2b743373b504c75f6781ad805f4e6343f52d0091f3e33a4ac304ea26f9fd26

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a7

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2023c838235d4dcb_0

Filesize
252B

MD5
02d7f40ef8505ce5be817bc0f274f673

SHA1
546f11d7d27a796234671fcf446e3c25b0e55d5b

SHA256
649340b134fabeb9fe8da887eabb2da0782b8192aefc77c75e49343488e74e9f

SHA512
08299ab043c5196c4e43b7a929ca05732fd371931671a65687e4f6901db6ec410ef23778b977e8525391d8e6a6504198158de3c87d9997ca76b57e005bca1255

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a4259a0181983ba_0

Filesize
7KB

MD5
bfee4a90196062c66a2653ecd4c37d3b

SHA1
8e40f15bdd3864b7432c4670579be3cddbebc684

SHA256
a638772188deef2d505f269b37aa59b09ac398c7ee55b99436c2ccc88719af24

SHA512
cb14f9750d57adcfbf11b9ca8a209737119923b637d81244b335991eb3362da5fd88742fd36e9a4d4fd61cccb4e8820565eb72c029dca953afbb9bbe85484299

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4e9b18b0f66a7183_0

Filesize
1KB

MD5
3bfbb9fb4cfb2271634c801823c850da

SHA1
9622881aa85fd37dbc022844c57a1e0145950934

SHA256
3a8fe87d53ac783389425a64304bbc498be3e22771be5b16fae7f38d767650f1

SHA512
06cb3eb1bfdb372d3320b9d37ffd40bf0d83b7aad00c72f4b385c1f1618509c41a66f46223e1f8b4f0961b8713b814eaa8db13ae58778dc81cbba731582245cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0

Filesize
2KB

MD5
eabba4002143ce72c6718193d2f9c227

SHA1
9362336020437941a9f7b9cb977bf63e6c377a78

SHA256
9d2a678353d15d572b127f9a59bb1f62b210433cf44b56a145acc0c43bd1d367

SHA512
59364ff9c57014c491703f81235943278b61070d46c6b78d36e9a2c8f6e0ac6bc7e06dbdbec00ed71e5862bd02a4f40f5d6b7c33c05c4e22853f329883fdb27f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0

Filesize
2KB

MD5
b2e494fbfb0d3fac47d815f44c515170

SHA1
9a92f104aa8429922647913c2f9d98431211cad2

SHA256
1449ecca7bb864eb5c1ce578cd5e253bbe0528d4176c511fe2bba35358b28946

SHA512
9f8fab0d386fa69fb9b3fbeed3a96ae004079c688e9d7ec7fcc913986d95b97580594bb505470873064efb5d7e74b932dae05ba76d6f1b2ed157070f90bb6248

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e53dd60d45f3bdd4_0

Filesize
241B

MD5
7802f2eccbb35016fc7e72fecc1abcbb

SHA1
54e99d823d881b0a38b104ac97e23820ba707da4

SHA256
068f51352d2e3e988cc4623ced7e0ca67933e9b0ac0b9f86a4dae50ab61ffd5c

SHA512
6acb66f32d67e1c010f1b978db2813d58471ecafe068a7ae5534f7847a48ddc67614e1ff1f216dd33eac68779fa1608d31a351819be1a5206942fe2e843f5910

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
ba61e9b1890f773f4594ee21413f1607

SHA1
8befb145d56d1cabea91835d9ac6c23b784f7ab5

SHA256
8c6375ece990b38dac5e7dc20e0374f97be05fdd99752cd6ca14db79f9b51b7a

SHA512
c55444e560a033d7e19e81e2bf64c8302b46b312cfa8011cc906372cc23c4e15c772a9db55d296816f08521849f7d08c1d85ee7521fedcd750fe7065673bc7f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
16KB

MD5
55224687c7848d6ec74858963370c1ba

SHA1
b3c0a12aed631057515819d25c4eb19b39c8aa24

SHA256
a87757a8a80aeefa47ae1cde6f8d8f38bbd4c7205d0dc2a6fbfdf2aaeeb84303

SHA512
4b3f18478e1443ac17952e02e91eda513f3b85e8e8a2825844cbe1de3f9f3090aebd258d07234d23180794899c0f784465e6f817e608910ad3360652c4bae365

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
17KB

MD5
272213385be27b8f8ec4b5f84aa9d69b

SHA1
57d3933cd571db3a75fa06ff6444f331ec519468

SHA256
43c9b34cff06d970a4b9735418d4d4715be7a5d720bf4277720a18033bd2078b

SHA512
d1d74118f8b61a6ff168d2ab948c7f094431a26966f50094e0e5dc051d061dc0c87f43ae8fc824fce6206e4764768a59c05618b67cbf7a5fcecb8e134f5e463e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
10a59cd61972644d109c4e0790c69eae

SHA1
e6fbef806713907944774ae55051dfc5ad3ed17b

SHA256
32ae44eb0cf35e7425f1cdc7cc95c7e98a247c090717f333012c77dcc6ad6df7

SHA512
191e734d579aa4dc6c1d0327f7f53605e5f4c3fa40002bc439a71b9be92917ceca339895b7f2c913aea25c89dddc84c03b3ab63779925161771972e2a4db949f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
82efd71950e7353d504bf34b2cb45865

SHA1
02ca76015ddd4630130e35ddf4c9161c452b8910

SHA256
bfd22916570d53a3a87a2d0bb7235fb12ea710c0767619fd69d4ad3206eef058

SHA512
a4b5e7611d75d8d82bb468483a84a341d46496ee7dbcf5d149944cf6482013f31747a9d61b7b55028928611d597804071a1a42520f24a350a5ebb07ae523d7cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
60cb22390a059543eac9c0cf4e0c6c08

SHA1
447b3128c361d22d0d2d1abfa3ed2baeb3a54f2b

SHA256
7e2f69ed60c5f2aa1376941cd11a58746a90befcc328285268f468fa439a3d31

SHA512
411d5dd6745ae94b70c35e9404c6b5fe61633ca6b3b630257930d20e69f3e521a54a3ef91877eaaaafb2a8f809030f7cf408583a3461fe1853d0a8d91aafb343

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
1e453b96dd87c5a869b340f3696a021d

SHA1
417e846f1c92e9deec5d3841fcb559536d0c635e

SHA256
a3510c24517ce537be07c2ecd3c815e72b76d41daf1e6a3d4729c3d8ef613b01

SHA512
e37f472e201e54abe1712c22e7fe5da6142a4314b700b162e73cb22839045f7294b1f25f10edec612769b0935e7b945b0f300fd6b6c2df7632ac79895039a564

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
08c22202e72cc767ceb4324cb70731fb

SHA1
b1a40bfe8947f7327b8d338632c16a5932063c92

SHA256
2625569f28ec87db63eacb2f4dc7b65d1ea0bf570a591706d2e26df722e63369

SHA512
f9c9e8224224814923f63115d3687989076f0bc110525462edc02a103863a5200cc977a5df396749bba3b83431fde379eeee6e56d12c4b7636a0d8a1e73c37a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
56f7d36075beb780d788885caaeaec2d

SHA1
2b2b7c79c3e96f79fa3b9a941825797c4d79230b

SHA256
868ee460e763d7445f9f9fa74ca10d4ac546b4aecfb23e630ca97cff1c91ee38

SHA512
b397f8c6ce0d6ca64c359eddb2f8a31ae9f4d88f08366e15dd730d0f9fc37922dfd15d098eace19d653fdaa6f4e30233e9b8abe55047ccb5c12278ce3f69b15b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
12883455f0be9075c54bb3e5c19a65ca

SHA1
39be4d0fcbbd9e0b2f80ad42304b6b88fa9edcd7

SHA256
5ec280edef7527cbff9033115186e12611de354f23c6b61ae155d45352a82887

SHA512
a2f905ff8377611b7e0d2f9d108552213f38a8a5bb698bb33a1e450e2ace44da8e6cde2a90c94c978cfbcf5fc13f52f300d6aeeb39c429efcad7bf91dcb3020a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
37ae1473c43419aa2655ad8c5a3b7197

SHA1
a7a56419e8ca4c5fd3313ff069f5b6e4fc26d3a7

SHA256
f6626c2416612703f2e2981bea86f427a07b75bb31f245d9a6cb7429c697c0d4

SHA512
67dd3eb8e1197685e63385e042ceceadcc15148d3eb1cea3407bf9c91f923f123891dec623d3b08f605661b626d6ebd7dfee6595fd37fb5914523e4aaa8335aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
800e6ce88f274ae259c8d1546e3a8ef4

SHA1
59d0e8aef1432f074fba2b62595c6a9221cfbb53

SHA256
2783ddcf809a705d647e6e6a363ac76df87254408c7788885094af0d12a72b44

SHA512
a79bd6c915740c312639b717ef1d3691c64db40ee738b6e6d7bd9c74f14c2e006734b5120de91cf5a342132cc0195fe0409cbcea15f9b5a34c1b0e57387e6889

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
d1b92b55f990dfd230e0783530904ad4

SHA1
6befd9d0499724ff96f2b6af6536fe57cb9adb72

SHA256
ef5e9cd7f46d95b0f16c9917af782a1789003eeb69f9de3879703dfeaa3a0eda

SHA512
ec055ee492c70b67729f22f3b1a58892852735367eae043353e35e0b0c31fb43b1a5d632ea40db1af75fdf8024414d6fb7e14dd7d2e0fbe95e19d51c1b7023e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
ed4287d624ab3384e01c2e34dc92d4f2

SHA1
44442c1fe0584c769e27b42b64d4850bcb6cc941

SHA256
2514725aa59db1fc61b1cb6a6bc42f3eb7275e4403c1f4a613a34e2ca59a316a

SHA512
5537368e49ae8c16f012c5e0b425b353eb22e6520a6d37afeff0b3dadcc6470950a420c8f7262171c0cd1e5bcd86acb2c9b751d33a056253c6ee4ac31d31591b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5c388c.TMP

Filesize
48B

MD5
cc0ba82b8b4607be373d8cc977c0e798

SHA1
e87889bc2dd421d7dbd3ab4d098acd933e991454

SHA256
4872b7acdb13a919f7214f32980d81d08027eeb89cd0ec46c5143fdd2fefe266

SHA512
6ec4976aa3e4132a6f366a449e87172f18a18360eb29ef4d8a2ea49e2c4d81ce0d4d28d21f3fa3ff8cb7a36fa4c17dfa7f9c085c8751a88282c7b33dfd38d71a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
36c1ca7d155c863a818df6ff48f65e5c

SHA1
9a7c8916fa46c5362b153fc83aafca7595af965e

SHA256
92d607037ed30bcab5aadf717b75fccee40ea9631b00deeebc82dd03e6375081

SHA512
5d960a7793ea81f0e6309fdec8e9edf6c24f776a94f1b445a7131f56b2d47e44dc33f929ea98922aac17a59475003ded92fc7f11de429ee2c72a887edf2970a9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
239e9d6f32638ebfc50e3ff115fcfac0

SHA1
61c11bef99bd069c731b147fba9fbad7ca4295f3

SHA256
7ba56ec185e281a6d89e285bd7b9b65653e44c0141ab96398fac35e329b10fa9

SHA512
d7ce84af13b1d5e44665522688f0ec094284f970627c1e3787855563bcd20e4423a78b2cc37b9d9d776fb18afc7c548c7473c0428276b79e3e619bd37218f0ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
82b4732cb6f9ea2da3ab5ade80e1707b

SHA1
7d09f145e4ef8796e034a9d71a53370a74dd909f

SHA256
10e369c295914c183b14d4a721065c756e3c4d58401c706cbfc4ad07643b536a

SHA512
0f06a20f9c4faefd094cec205b2d150dc8f9d7e288e994e04faa49f0dfbecedf3d0154f8932e753e27cf1b88bc74c4262d0b33e75287364382a560287ee3949c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
4b84ab46226af46fede95f5437517105

SHA1
f0feb1b43e89fb2ba2af6a7952bcb63d1b34cc26

SHA256
b7ab4122f24eea1068a65527f5113dd3e5c8aa95ce1d16bc9dc2342ed4f02103

SHA512
0aa4ab1265c0b523565167984fdd09ad7fd605fc93f1de8f62ce2838af3ace76b9b34bf1f63ec724fc9e6aa43aa0e95b3acdcfb6c47691650c53c053c729f050

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
8KB

MD5
592740475dbd8a1b7f1c8fcec142a496

SHA1
f7ba8f71c43054f575ec73d73b50912198bb9d8b

SHA256
b1ad07a840f00391c28c9a22ce48b67a2c30c83d510dada4a0c9b7654e435ad8

SHA512
c7cba45e0bd7ba40ca72d8989100075dcf3676b01f0258476fe8fbaa88608277c404d2bbd31aba5c8e40b7b6ea5b1e1d5758b7f6a5aa2f64720fa4a27cfc2c55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
8e5c57ae248a2d43632d82da83278986

SHA1
b50e8bc4d989d587870624f1e47b0b5dee7566b9

SHA256
e28a3ec86f615ba1ebc1115ca790415e8d464468a54359d5c86f04baee73b4e0

SHA512
1afe97f543df884c40ab3f1d7d39478f511c812d1ea20b9c925855673230a3a87e8043ee5fff4ec1d636721d88b51238db141fcc082acdb7d33ca062ddaca486

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
326fa8423a0ccfeb4a02581bcb9ed7e1

SHA1
aa9afdb2caa6c0977695f69cd25e9db360d9a2c6

SHA256
452529b58eba447455aff30019a09cd40de37ed8fd091c0269a07a1e34891264

SHA512
64f33ece5b95b55134226436ed620f04099b83dbc4e991218a42ac5412bc1f2a368046414e43b8fe65a4f0df7f54423560f6f49d61d4635fac6343da7764d191

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
b2f2672cfa3554a5d91df67cce5fe875

SHA1
ab882ac8798621b7879054cd17db1ea4621928c3

SHA256
097be831d07f5115976901459b4dc8bd2c68c1cca5f87e0956ddb6648ff0aa15

SHA512
24d1862ad2e893d19d0ea9c810d243821aca49aa57e099f41ce1670e9704d108ef195e0022258f33417c87fb3ce08cd3a7ba770a03dbdf2820bab748b32fff05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
0fb29cc6bb247b419e4860f08bd56b97

SHA1
5d712714b3b831b606cb86d6bb211da22595a594

SHA256
86b4bccc0ac2dfc1182b5ca4c90f1103934ce0aceaf63b82cc2581049aeee0c3

SHA512
aefa97b1e8a03a299e29dc59bb689e2eae28c5008b10287f0dbdda30b0c7f3c104bdf2dee54c24d6ef72916a8c48b2b072be0a21c802e6f1f527d98fceb1fbea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
28b30b090cdd23e9c330df886b0f33c2

SHA1
1ffdb819d74cc46b1c577eb4dd4d4a165fbd4fb3

SHA256
3a7ce3ef6fc0f084252139846b48a67933f097e552f09debbf44c5eacad41300

SHA512
1e5ff7a552d5075c47b081fa1d27a0e896390790c6670217d0d3c5636707d0b3998d5105c1b16579ac864d8e331cf070c43e89d244029a57e92d222b845cede4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
dc06530cb95ed2c2ef1999e5968b58fe

SHA1
9cb2df90389bd62a98ad15fa0b0a5ae0576e0fd5

SHA256
7446a7a975e38ae81614193b34f0a0262a091612130c0b2655fcfd3796b7c81e

SHA512
530c35cd361f5f7d1197314253a710efb591038fedd2859c225dccd9baccf1b53948927e930327d5038c11839e820d76356ec0e90f7949bf5900cee78f9949dd

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\BackgroundTransferApi\9a5c3f6f-856d-450b-9305-f1c7eab665a6.down_data

Filesize
555KB

MD5
5683c0028832cae4ef93ca39c8ac5029

SHA1
248755e4e1db552e0b6f8651b04ca6d1b31a86fb

SHA256
855abd360d8a8d6974eba92b70cbd09ce519bc8773439993f9ab37cb6847309e

SHA512
aba434bd29be191c823b02ea9b639beb10647bbe7759bbffdaa790dfb1ec2c58d74c525ef11aacda209e4effe322d1d3a07b115446c8914b07a3bce4d8a0e2c3

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
10KB

MD5
d6d3499e5dfe058db4af5745e6885661

SHA1
ef47b148302484d5ab98320962d62565f88fcc18

SHA256
7ec1b67f891fb646b49853d91170fafc67ff2918befd877dcc8515212be560f6

SHA512
ad1646c13f98e6915e51bfba9207b81f6d1d174a1437f9c1e1c935b7676451ff73a694323ff61fa72ec87b7824ce9380423533599e30d889b689e2e13887045f

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
12KB

MD5
7fb83ce3e679ae9b137c2d99782152e7

SHA1
83ebe4d9678c611dd1d9d52b75e34c53e303f4d4

SHA256
70713190e9a2a68863f1f5378d7659d01c46f66e4425023ec3505522d5c5cb22

SHA512
d2a08a1d614509beb555d9e97c0f5566d94f3a51d12944c81949702ed6417301a7ea29f77280da7b305af179cdb5781ee751e1a3609087fda678237141150ba9

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
17KB

MD5
ecfdd999e10c05c3e8d3d36abfe4bfef

SHA1
ac9f2cb3db0e4733335d8582af21b51d6ec155de

SHA256
e613cff817605ee2b5d2e84b38c0dd80c529d8422c048f2781734f43ada747b2

SHA512
3fa0df31aadffd33ed215b887272fc38be7f28ef2b2a05e32e358103b44c9b983a8fd7a7a0d0435ac5ea5dc4b2b0339b8ed46ed87bbb27c58ff9861cd96e6dd8

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
14KB

MD5
22b3e241b38896ef857410904ce77eca

SHA1
20660407cf73015c3f7993fc1e1e0901940cc9a6

SHA256
5e0340b62f4907e2b0014e7ca0415ce645bdab4fbcc4847e297fa66e6d4b4b2d

SHA512
5be15b14f4ce098386f6e9534f3185dd1e9ebb913bd8f8885e504e01d2c0e707726544422f63ff409d7e1c70002be2b9f0c2dd62685511b3028bbc8261c588d2

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
17KB

MD5
87217c3ddd7b6dbe328e673ee08625a0

SHA1
c057558bd0cf88b12e9bd5da5b3d1d4d69770ff4

SHA256
f40d4a9dc4bd1dbd9ccd12ec8cb37332cddd6c0bda4c99dc6e0509cbb39dd8ca

SHA512
9afb858a1b3d4ac0edad1a6d3fb27b9c14689c0a1fbd37617abbb97508f738b9740601fc24ae0e7356b66d662cb67eae1bb962e7dcfa92269fb2b61323fd5190

Download Submit