Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://www.techspot...

windows11-21h2-x64

10

Resubmissions

26/02/2025, 07:07

250226-hxv49sxlw7 3

25/02/2025, 03:33

250225-d4lf7a1p14 10

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250217-en
  • resource tags

    arch:x64arch:x86image:win11-20250217-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    25/02/2025, 03:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.techspot.com/downloads/5235-minecraft.html

Score
10/10
cryptolockerdefense_evasiondiscoverymotwpersistencephishingransomware

Malware Config

Signatures

  • CryptoLocker

    Ransomware family with multiple variants.

    ransomwarecryptolocker
  • Cryptolocker family
    cryptolocker
  • Modifies security service 2 TTPs 1 IoCs
    defense_evasion
  • Downloads MZ/PE file 2 IoCs
  • Executes dropped EXE 5 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs
    phishingmotw
  • Subvert Trust Controls: Mark-of-the-Web Bypass 1 TTPs 2 IoCs

    When files are downloaded from the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier with a specific value known as the MOTW.

    defense_evasion
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 4 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • NTFS ADS 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 16 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.techspot.com/downloads/5235-minecraft.html
    1⤵
    • Enumerates system info in registry
    • NTFS ADS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4384
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0xe4,0xe8,0xdc,0xe0,0x10c,0x7fff4cb73cb8,0x7fff4cb73cc8,0x7fff4cb73cd8
      2⤵
        PID:6024
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1876 /prefetch:2
        2⤵
          PID:4368
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
          2⤵
          • Downloads MZ/PE file
          • Mark of the Web detected: This indicates that the page was originally saved or cloned.
          • Suspicious behavior: EnumeratesProcesses
          PID:5656
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2496 /prefetch:8
          2⤵
            PID:1848
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
            2⤵
              PID:4540
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
              2⤵
                PID:1748
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4852 /prefetch:8
                2⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:3648
              • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5744 /prefetch:8
                2⤵
                  PID:5072
                • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5744 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:3916
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
                  2⤵
                    PID:5996
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
                    2⤵
                      PID:2976
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
                      2⤵
                        PID:5468
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6184 /prefetch:1
                        2⤵
                          PID:5888
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6192 /prefetch:1
                          2⤵
                            PID:5880
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6320 /prefetch:1
                            2⤵
                              PID:5872
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6448 /prefetch:1
                              2⤵
                                PID:5856
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6588 /prefetch:1
                                2⤵
                                  PID:5848
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6724 /prefetch:1
                                  2⤵
                                    PID:2468
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6992 /prefetch:1
                                    2⤵
                                      PID:684
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7000 /prefetch:1
                                      2⤵
                                        PID:6132
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7140 /prefetch:1
                                        2⤵
                                          PID:3156
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7488 /prefetch:1
                                          2⤵
                                            PID:2012
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7656 /prefetch:1
                                            2⤵
                                              PID:2272
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7600 /prefetch:1
                                              2⤵
                                                PID:3340
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8044 /prefetch:1
                                                2⤵
                                                  PID:2532
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8176 /prefetch:1
                                                  2⤵
                                                    PID:2584
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8308 /prefetch:1
                                                    2⤵
                                                      PID:3032
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8484 /prefetch:1
                                                      2⤵
                                                        PID:2076
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6880 /prefetch:1
                                                        2⤵
                                                          PID:5112
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8340 /prefetch:1
                                                          2⤵
                                                            PID:3184
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8352 /prefetch:1
                                                            2⤵
                                                              PID:3096
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:1
                                                              2⤵
                                                                PID:5916
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9072 /prefetch:1
                                                                2⤵
                                                                  PID:1268
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8936 /prefetch:1
                                                                  2⤵
                                                                    PID:5144
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9192 /prefetch:1
                                                                    2⤵
                                                                      PID:3028
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3832 /prefetch:1
                                                                      2⤵
                                                                        PID:1984
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7268 /prefetch:1
                                                                        2⤵
                                                                          PID:2256
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8032 /prefetch:1
                                                                          2⤵
                                                                            PID:4268
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8368 /prefetch:1
                                                                            2⤵
                                                                              PID:3660
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6532 /prefetch:1
                                                                              2⤵
                                                                                PID:4964
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9232 /prefetch:1
                                                                                2⤵
                                                                                  PID:4000
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9120 /prefetch:1
                                                                                  2⤵
                                                                                    PID:5212
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8380 /prefetch:1
                                                                                    2⤵
                                                                                      PID:5884
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9000 /prefetch:1
                                                                                      2⤵
                                                                                        PID:1076
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9060 /prefetch:1
                                                                                        2⤵
                                                                                          PID:2836
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8448 /prefetch:1
                                                                                          2⤵
                                                                                            PID:1616
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1
                                                                                            2⤵
                                                                                              PID:1708
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6660 /prefetch:1
                                                                                              2⤵
                                                                                                PID:4724
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9036 /prefetch:1
                                                                                                2⤵
                                                                                                  PID:4516
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9124 /prefetch:1
                                                                                                  2⤵
                                                                                                    PID:900
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8472 /prefetch:1
                                                                                                    2⤵
                                                                                                      PID:6012
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7384 /prefetch:1
                                                                                                      2⤵
                                                                                                        PID:4396
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1
                                                                                                        2⤵
                                                                                                          PID:5964
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5916 /prefetch:8
                                                                                                          2⤵
                                                                                                            PID:2068
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2612 /prefetch:1
                                                                                                            2⤵
                                                                                                              PID:4188
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1120 /prefetch:1
                                                                                                              2⤵
                                                                                                                PID:2752
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7156 /prefetch:1
                                                                                                                2⤵
                                                                                                                  PID:4552
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7100 /prefetch:1
                                                                                                                  2⤵
                                                                                                                    PID:6104
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1
                                                                                                                    2⤵
                                                                                                                      PID:1812
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7860 /prefetch:1
                                                                                                                      2⤵
                                                                                                                        PID:3316
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5984 /prefetch:8
                                                                                                                        2⤵
                                                                                                                        • Subvert Trust Controls: Mark-of-the-Web Bypass
                                                                                                                        • NTFS ADS
                                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                                        PID:3360
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
                                                                                                                        2⤵
                                                                                                                          PID:4672
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9060 /prefetch:1
                                                                                                                          2⤵
                                                                                                                            PID:5064
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4572 /prefetch:1
                                                                                                                            2⤵
                                                                                                                              PID:1812
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8880 /prefetch:1
                                                                                                                              2⤵
                                                                                                                                PID:4444
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4104 /prefetch:1
                                                                                                                                2⤵
                                                                                                                                  PID:4436
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
                                                                                                                                  2⤵
                                                                                                                                    PID:2156
                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9196 /prefetch:1
                                                                                                                                    2⤵
                                                                                                                                      PID:3104
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7364 /prefetch:1
                                                                                                                                      2⤵
                                                                                                                                        PID:2780
                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8840 /prefetch:1
                                                                                                                                        2⤵
                                                                                                                                          PID:1808
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8064 /prefetch:1
                                                                                                                                          2⤵
                                                                                                                                            PID:4716
                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8220 /prefetch:1
                                                                                                                                            2⤵
                                                                                                                                              PID:4544
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:1
                                                                                                                                              2⤵
                                                                                                                                                PID:5892
                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8760 /prefetch:1
                                                                                                                                                2⤵
                                                                                                                                                  PID:2188
                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7328 /prefetch:1
                                                                                                                                                  2⤵
                                                                                                                                                    PID:2148
                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8756 /prefetch:1
                                                                                                                                                    2⤵
                                                                                                                                                      PID:1128
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7784 /prefetch:1
                                                                                                                                                      2⤵
                                                                                                                                                        PID:4520
                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6212 /prefetch:1
                                                                                                                                                        2⤵
                                                                                                                                                          PID:1984
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
                                                                                                                                                          2⤵
                                                                                                                                                            PID:4420
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1
                                                                                                                                                            2⤵
                                                                                                                                                              PID:3060
                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2812 /prefetch:1
                                                                                                                                                              2⤵
                                                                                                                                                                PID:3360
                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=876 /prefetch:2
                                                                                                                                                                2⤵
                                                                                                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                PID:3248
                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7684 /prefetch:8
                                                                                                                                                                2⤵
                                                                                                                                                                • Subvert Trust Controls: Mark-of-the-Web Bypass
                                                                                                                                                                • NTFS ADS
                                                                                                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                PID:5888
                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1864,7819194567035349353,17794812522179319428,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7028 /prefetch:8
                                                                                                                                                                2⤵
                                                                                                                                                                  PID:5248
                                                                                                                                                                • C:\Users\Admin\Downloads\MinecraftInstaller.exe
                                                                                                                                                                  "C:\Users\Admin\Downloads\MinecraftInstaller.exe"
                                                                                                                                                                  2⤵
                                                                                                                                                                  • Executes dropped EXE
                                                                                                                                                                  • System Location Discovery: System Language Discovery
                                                                                                                                                                  • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                  PID:2304
                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\GamingRepair.exe
                                                                                                                                                                    "C:\Users\Admin\AppData\Local\Temp\GamingRepair.exe" scenarioMinecraft
                                                                                                                                                                    3⤵
                                                                                                                                                                    • Modifies security service
                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                    • Checks processor information in registry
                                                                                                                                                                    PID:2476
                                                                                                                                                                • C:\Users\Admin\Downloads\CryptoLocker.exe
                                                                                                                                                                  "C:\Users\Admin\Downloads\CryptoLocker.exe"
                                                                                                                                                                  2⤵
                                                                                                                                                                  • Executes dropped EXE
                                                                                                                                                                  • System Location Discovery: System Language Discovery
                                                                                                                                                                  • NTFS ADS
                                                                                                                                                                  PID:1828
                                                                                                                                                                  • C:\Users\Admin\AppData\Roaming\{34184A33-0407-212E-3320-09040709E2C2}.exe
                                                                                                                                                                    "C:\Users\Admin\AppData\Roaming\{34184A33-0407-212E-3320-09040709E2C2}.exe" "/rC:\Users\Admin\Downloads\CryptoLocker.exe"
                                                                                                                                                                    3⤵
                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                    • Adds Run key to start application
                                                                                                                                                                    • System Location Discovery: System Language Discovery
                                                                                                                                                                    PID:4140
                                                                                                                                                                    • C:\Users\Admin\AppData\Roaming\{34184A33-0407-212E-3320-09040709E2C2}.exe
                                                                                                                                                                      "C:\Users\Admin\AppData\Roaming\{34184A33-0407-212E-3320-09040709E2C2}.exe" /w00000234
                                                                                                                                                                      4⤵
                                                                                                                                                                      • Executes dropped EXE
                                                                                                                                                                      • System Location Discovery: System Language Discovery
                                                                                                                                                                      PID:5216
                                                                                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                1⤵
                                                                                                                                                                  PID:5608
                                                                                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                  1⤵
                                                                                                                                                                    PID:3344

                                                                                                                                                                  Network

                                                                                                                                                                  MITRE ATT&CK Enterprise v15

                                                                                                                                                                  Replay Monitor

                                                                                                                                                                  Loading Replay Monitor...

                                                                                                                                                                  Downloads

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                    Filesize

                                                                                                                                                                    152B

                                                                                                                                                                    MD5

                                                                                                                                                                    fe68444a298dfe7ce3afb15e1e04dc2d

                                                                                                                                                                    SHA1

                                                                                                                                                                    ce8500b8bc9f8033bf5f6b28174d04852e996cde

                                                                                                                                                                    SHA256

                                                                                                                                                                    4fa17fcbb66e9306869abf881cf02c7b890bd34c34852c8a8f0e276bab375ba0

                                                                                                                                                                    SHA512

                                                                                                                                                                    ed3aec46de266977a45e00363f3e258e53e9763fd5304861d2a7582344f6364f9dba20d5a13e6c2eee42e6bb875eec2f3e900f45cc64bf911e7055008c2374c4

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                    Filesize

                                                                                                                                                                    152B

                                                                                                                                                                    MD5

                                                                                                                                                                    648295913e8e74a91d84a0bd6dfa0efe

                                                                                                                                                                    SHA1

                                                                                                                                                                    e42c17ec7e237fa16204bd204ba0d47c2e7aa057

                                                                                                                                                                    SHA256

                                                                                                                                                                    3f46ccf49be312c1e7b3cd94ff1d27970975d6a80e052769daf31c772adb260c

                                                                                                                                                                    SHA512

                                                                                                                                                                    6e3f03fade65388ad14c2443300f79d028986a7863d32ad731a3b1aef4bc4937e7cb150c814947befdf4d2a8510f70368ad35621ae854b9037e46488df7423e2

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
                                                                                                                                                                    Filesize

                                                                                                                                                                    362KB

                                                                                                                                                                    MD5

                                                                                                                                                                    48d1e4aa7037dd1e78ea2e147b9accaf

                                                                                                                                                                    SHA1

                                                                                                                                                                    440c413e2f8efa6507ed9d62e355d081ad423ba3

                                                                                                                                                                    SHA256

                                                                                                                                                                    c2243dd51eaf78dd80e147f5d1e948014fb6f4e8d8bbc273ca52a6ce59470d5d

                                                                                                                                                                    SHA512

                                                                                                                                                                    111398ff7d01ae284b7cc2456012fd7b963ce612729e6b95e01f810241bd48c1c1676ae0349ba6907b7a4681685c1199c775f0b697d31cd4bc4bfc51743443a2

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
                                                                                                                                                                    Filesize

                                                                                                                                                                    19KB

                                                                                                                                                                    MD5

                                                                                                                                                                    c5d3e31914c3d018efacb848d09420e6

                                                                                                                                                                    SHA1

                                                                                                                                                                    ed24b7deed7fd2024d139adb1a2fed7560fb6331

                                                                                                                                                                    SHA256

                                                                                                                                                                    ecc58f4a3891134548f6965e8d3bbfd70b1a04a68fb06eac4eff9cda2b4f21f5

                                                                                                                                                                    SHA512

                                                                                                                                                                    122ed32ddc2a294e4f62e4ee77a1c91ab983eece154d3f076cb89ed43abc0a80a3c1f08526b6625ff965b7ad616c4d45d5a20819b392923e6c9066eda9db538e

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
                                                                                                                                                                    Filesize

                                                                                                                                                                    80KB

                                                                                                                                                                    MD5

                                                                                                                                                                    a0f220a4030dfa191440f27f69b1f377

                                                                                                                                                                    SHA1

                                                                                                                                                                    28f38499272539877a41859e68a254801dca1edf

                                                                                                                                                                    SHA256

                                                                                                                                                                    a29ba43e3315630b9836cdb227cfde2b6c74b9cb3afe6309d4201fa85e8e7742

                                                                                                                                                                    SHA512

                                                                                                                                                                    7749ef63018c697084974ac6283888bcd39526ee2bd3056f81826f66ef486ee515bdbaa4250a071c04d0d783f05a2a12b6decca8d683c5afdf75fd0fe2f50369

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
                                                                                                                                                                    Filesize

                                                                                                                                                                    52KB

                                                                                                                                                                    MD5

                                                                                                                                                                    f06b26eea3ac304874c00d46466b632e

                                                                                                                                                                    SHA1

                                                                                                                                                                    f3f93b2bfbe59c059e219717c9f3939e9d6cdb8f

                                                                                                                                                                    SHA256

                                                                                                                                                                    d749b7472d2fc341a36adccc1e4ae5eab7d2d42c89a10794b24455ec4c97f3db

                                                                                                                                                                    SHA512

                                                                                                                                                                    e7c72bc20abc5c5a24916e17f74c501be62fe92f9441687204ef9cf6164c7ae4c5ee21253f5f89c716e0e34eacbc8021f9b7e9eb5b3a664c120edbbf900f20e3

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
                                                                                                                                                                    Filesize

                                                                                                                                                                    43KB

                                                                                                                                                                    MD5

                                                                                                                                                                    f7bc6d476cbe58004904729c28f2df32

                                                                                                                                                                    SHA1

                                                                                                                                                                    a659287161a18f5340f3546c5210b5cdeb24cf24

                                                                                                                                                                    SHA256

                                                                                                                                                                    a2890230c090ce1830a1bad4013eb2f2b9fc2b415a57eba9a8c8b8ed048bd13f

                                                                                                                                                                    SHA512

                                                                                                                                                                    7fde02c8aa4931c4c6cb162b767c7df29c645f5a3540af49c65ce0e9a78520677306c9b41e8fa03f9e480f1ca827a825885c79a8bba9c25f13565699e7ccbc19

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
                                                                                                                                                                    Filesize

                                                                                                                                                                    111KB

                                                                                                                                                                    MD5

                                                                                                                                                                    91aa4cb384fae5d4998b7cdb77f45120

                                                                                                                                                                    SHA1

                                                                                                                                                                    80589fe4b25dc80441af29d43b1cad873bdd50c1

                                                                                                                                                                    SHA256

                                                                                                                                                                    2b3ba2dd8ed4c473de678c2156e420834815484c9fa7b1301f3d0f467bd6fe08

                                                                                                                                                                    SHA512

                                                                                                                                                                    2716deeac23ca0ebc369aabd520e4561d00053c54406bb20e05db0ceb66ef016c4ca6bb284813fc2e6344cf91b60280b5b621ef1b0ea54245975d50c20d4380c

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
                                                                                                                                                                    Filesize

                                                                                                                                                                    49KB

                                                                                                                                                                    MD5

                                                                                                                                                                    b504b8d416417d9c6037fe7f90d5f9a8

                                                                                                                                                                    SHA1

                                                                                                                                                                    53a860a8c6da8e0a496fd44e7e1148e5cee52b98

                                                                                                                                                                    SHA256

                                                                                                                                                                    29ceb904251a26109b78354a2af335490944843a349a37ae63b1178ae793f0b5

                                                                                                                                                                    SHA512

                                                                                                                                                                    cb5bb106eb8acf6c7b5c4cb770795919ba67e7ac7882f036d1d69090035416b901ba3c374b4c74fd6f08f80d9cf82b8c6129e7688a3e74765f08813fba814c8d

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
                                                                                                                                                                    Filesize

                                                                                                                                                                    60KB

                                                                                                                                                                    MD5

                                                                                                                                                                    714279718ca6cca7309186501204591a

                                                                                                                                                                    SHA1

                                                                                                                                                                    e9e34e90b3dcaeee028d9cff4ce395e597773a76

                                                                                                                                                                    SHA256

                                                                                                                                                                    6088c8cddb4615e35c83297313dd8078992a34380f49edb0b54fbae0dbd48ff9

                                                                                                                                                                    SHA512

                                                                                                                                                                    45244be894293b1d6f8d55251971d545dca8277d18fdf4803698aa75ec92886b03c7dc2bac8f875919ff83d9a3120e97ca2a0e3edf703d9e62c6ea90443fc870

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
                                                                                                                                                                    Filesize

                                                                                                                                                                    32KB

                                                                                                                                                                    MD5

                                                                                                                                                                    31325116062acbc72e62d16f052b17b1

                                                                                                                                                                    SHA1

                                                                                                                                                                    ab1a419af6778c2616e3f4638d2a9db22825c2d7

                                                                                                                                                                    SHA256

                                                                                                                                                                    e692b2faec9cc885f91c9612f257f0e257141baf740bfa3f7167e2a0549574d3

                                                                                                                                                                    SHA512

                                                                                                                                                                    8307f94ba76be0611c4b04ab1cb0206422b94ffc5c99dd358aa2a48a7b44c022e7b9a2575f5a9b6ee694b33bd90e1c5ab750cf38e9d16d49daf62e713d3cc0f2

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
                                                                                                                                                                    Filesize

                                                                                                                                                                    90KB

                                                                                                                                                                    MD5

                                                                                                                                                                    d88676d337d82fb0fcd90ff4f61ac20c

                                                                                                                                                                    SHA1

                                                                                                                                                                    ce5a31b41504ce58228fc773d688150199842e12

                                                                                                                                                                    SHA256

                                                                                                                                                                    92b04204237483051d431cf123df1edc11a302c429ce8cdc8476e709c42749db

                                                                                                                                                                    SHA512

                                                                                                                                                                    aa07df57397c86781b47b110f25a875b8a40725d15acf19e454b5ced614504de07fec042f8bf2f4451eae5244841be020342600517c40475647905279448888f

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
                                                                                                                                                                    Filesize

                                                                                                                                                                    107KB

                                                                                                                                                                    MD5

                                                                                                                                                                    25c99f11e602902116422792cc50db1b

                                                                                                                                                                    SHA1

                                                                                                                                                                    3f158e2863a05c2f4b558244fd263724d319a830

                                                                                                                                                                    SHA256

                                                                                                                                                                    cbecfe215a261f6e824403f61b2a5e9581af3c4c972467efa60e55b862c522c1

                                                                                                                                                                    SHA512

                                                                                                                                                                    524791e6f77cd7eb805b8070a6cf981ae9ad69cb3d3d7e0e8a320190ccca2dcfa919d6b7d576266d805f16994a6c5a0403cb26ef923932b9016aca47471760ed

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
                                                                                                                                                                    Filesize

                                                                                                                                                                    77KB

                                                                                                                                                                    MD5

                                                                                                                                                                    be012fbbd43af146552a307c9b8411c7

                                                                                                                                                                    SHA1

                                                                                                                                                                    795d36e9f2f379a42ae63c2c2ca94c4c6d00346c

                                                                                                                                                                    SHA256

                                                                                                                                                                    c49464d89acd2f59e744b17d29b131e05125ef00851827fa42702d42d573ba83

                                                                                                                                                                    SHA512

                                                                                                                                                                    56cf4c96df743862af7ddb4b2a8bc66246fe81b0514fb51fe028ed6fcbf4083df172f830efc844e8673680010f75d31d13fa7777063b820a64257a9ca8d4c7d0

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
                                                                                                                                                                    Filesize

                                                                                                                                                                    159KB

                                                                                                                                                                    MD5

                                                                                                                                                                    05d5f99f479d4aef0c0354653c52c17b

                                                                                                                                                                    SHA1

                                                                                                                                                                    d6651e452d2f2a117b550f8ad4f50e4dcb53e9a5

                                                                                                                                                                    SHA256

                                                                                                                                                                    cb7827059d2f73e75bbc0e8a3faa8999392e182a176e02aab395d9d760b02bf8

                                                                                                                                                                    SHA512

                                                                                                                                                                    ffbe4481efeca77d2748c8dfbe0b3e8c0f23dd17e3ec51ebabbb21c1931b44810ca75ceb8b582e894d37e6b81e4bd0f9391634679393a6bdfd958e6aed102891

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021
                                                                                                                                                                    Filesize

                                                                                                                                                                    29KB

                                                                                                                                                                    MD5

                                                                                                                                                                    3f397c66641c9229212fd516c66a60cf

                                                                                                                                                                    SHA1

                                                                                                                                                                    0e871c6799f538f0b07378967839e22c53a882d1

                                                                                                                                                                    SHA256

                                                                                                                                                                    05bb87e54d557596fdf85367ae1a3d95a2a9e86b124bbfc6eabf70edf11a8b5c

                                                                                                                                                                    SHA512

                                                                                                                                                                    e285bf33ff837cff25fb27cc494a8ea5fd92d6c156120a8c495b2c7db4cec1710aed71a8ae3e69a7aef73d5336755184052cabf9f09fa81b2a69bca2e87103a2

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
                                                                                                                                                                    Filesize

                                                                                                                                                                    20KB

                                                                                                                                                                    MD5

                                                                                                                                                                    4ec8a9a5aa9715da8e0402f22ac990be

                                                                                                                                                                    SHA1

                                                                                                                                                                    db8a0e19de86ab54b441101079fa1fb23a77e4ce

                                                                                                                                                                    SHA256

                                                                                                                                                                    ea72c38403d6959962720750c01257625ccb79bfdef314220df5f87e2487def3

                                                                                                                                                                    SHA512

                                                                                                                                                                    44d6d77211ac28dd5f24f89ae02277cbf291e04ea18fc2f9c35a435afbbd5d320cae3a7a1f76138b86016f2a5483fb98c622bf93d31dd7651c0b14cbee819411

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                    Filesize

                                                                                                                                                                    1KB

                                                                                                                                                                    MD5

                                                                                                                                                                    66a1a496344c0fff1eea8fcdd0d7e6a8

                                                                                                                                                                    SHA1

                                                                                                                                                                    9cd2e78526580295dc5a4fb4e8dacd5842f18472

                                                                                                                                                                    SHA256

                                                                                                                                                                    80434902afa9d84e97a4ad94acc5a9c19aae996e9457eaef95c115211645d743

                                                                                                                                                                    SHA512

                                                                                                                                                                    20bdbc7c54ccc406c910a144de56bc0c3b9321378e90deeebe91054192c96543b039c7eb198d8209c17448ca37a9c4b78f8af03edffbc4390af954273923959f

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                    Filesize

                                                                                                                                                                    5KB

                                                                                                                                                                    MD5

                                                                                                                                                                    00bef5902360e88e6ace4c9787961e72

                                                                                                                                                                    SHA1

                                                                                                                                                                    8d30db189b84adbae7630fb1c89ef415db50cca4

                                                                                                                                                                    SHA256

                                                                                                                                                                    2949c38fecfa3bbaac6fd8d7219a1f04bb28fb962cb578b402b12fefe208cf42

                                                                                                                                                                    SHA512

                                                                                                                                                                    dffa35c14a8a2969c523c16d7c8513e39a99a6600345e961941b328794bf8d873eab697cffb2f1b98da78a550a4872c9ed9b10ef35dfc944bf1b3b82c210ffea

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                    Filesize

                                                                                                                                                                    14KB

                                                                                                                                                                    MD5

                                                                                                                                                                    75f131adea8fe0e2eb716bdfc42d12a7

                                                                                                                                                                    SHA1

                                                                                                                                                                    dde943911c2165652aa90c63b254b1823c7f7892

                                                                                                                                                                    SHA256

                                                                                                                                                                    cdabe620272f37f30585014984846a815a45b5070cce745b0fc35488b1d4e289

                                                                                                                                                                    SHA512

                                                                                                                                                                    3c75439ceaae989f385f538db6284474fa7be79e8528e52eef5ce87a12a277aa4b37350bd405377077be32574bb96751a1612e47e8b15ea08d2ece2c83c0a0e3

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                    Filesize

                                                                                                                                                                    6KB

                                                                                                                                                                    MD5

                                                                                                                                                                    514fcae3907b6792840a56564c706e3c

                                                                                                                                                                    SHA1

                                                                                                                                                                    dde64997f35348c98ea82ed85ed68ce6cfcadc36

                                                                                                                                                                    SHA256

                                                                                                                                                                    e0ace5e976bddb826308398a790f9e08b78cd96ad48669b652ac54871dbba605

                                                                                                                                                                    SHA512

                                                                                                                                                                    5e81147d72d939720c8a6e39e0165bfaf19422d4a58b0b7b7ceb272944dabea1a361f9384514ead1c95000a21df071ddabf6605455109dc3912ceb06de6cb136

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                    Filesize

                                                                                                                                                                    9KB

                                                                                                                                                                    MD5

                                                                                                                                                                    ac2cf785cd6e2e78bca00bfb581ec3bf

                                                                                                                                                                    SHA1

                                                                                                                                                                    cc42abdf35eb6755d7393a7f91fb15f553f478ab

                                                                                                                                                                    SHA256

                                                                                                                                                                    5d6f5dd26121289a3cfcc9941f5bc93c5a90e12c216699183302cdaf35715547

                                                                                                                                                                    SHA512

                                                                                                                                                                    22c6ada64f6b3864a834aa561b8bd1e78d13b101fce5393fb4832529ccc7b67150155d6874096ad97bc52c0a2c8a1e207e8f03afdf3111b4bedb2dc42bb34b97

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                    Filesize

                                                                                                                                                                    15KB

                                                                                                                                                                    MD5

                                                                                                                                                                    e0c74c81a5ed6bccd597b9645b0ba813

                                                                                                                                                                    SHA1

                                                                                                                                                                    f5eb3abc332f6e843b318fbeb3e93cde51c9d501

                                                                                                                                                                    SHA256

                                                                                                                                                                    6e6734e04de73b3a7f3f50c0467758efd5bf8bdcd89b554bdcddc13536d28013

                                                                                                                                                                    SHA512

                                                                                                                                                                    cf06680007e17ab8d383e0f17d2350665c257041fb4651cac5366b792d7d3ebd1a3b45578c55efffa8b9dea11cb4e775c8d1b057ff394c8f4ee2d2d9ab50c70d

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                    Filesize

                                                                                                                                                                    17KB

                                                                                                                                                                    MD5

                                                                                                                                                                    45e2eb22cae867463f0c09e0d4a4028d

                                                                                                                                                                    SHA1

                                                                                                                                                                    85f7180eeef86d35ed18039f7996f0c1e18258d4

                                                                                                                                                                    SHA256

                                                                                                                                                                    bbae89d73abfaf27bca5e0fb1802220326a3c1a6b1689d8ddd72169f604705b3

                                                                                                                                                                    SHA512

                                                                                                                                                                    210bfbf3973121273d271683d2752184013b869ba1527f9f367ccffeaa28b7e9d3266e0073f7f77ff34ae2e57fcd48faa4e2a07ec9a79ff16e37466706930b3a

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                    Filesize

                                                                                                                                                                    17KB

                                                                                                                                                                    MD5

                                                                                                                                                                    0d0c68322779bc23b615d358a89a8c2e

                                                                                                                                                                    SHA1

                                                                                                                                                                    1681ba9ffa15d69253e6eadebc2795dcfba0528d

                                                                                                                                                                    SHA256

                                                                                                                                                                    e46c8f990f3b0c8fd55745861d40c8134e727d98523b7616ec567f1648e93dd2

                                                                                                                                                                    SHA512

                                                                                                                                                                    0bdc14b36db1cd305da484f1fb0ce3aeb853c8647bfbd6beaab5f0bf737403bc69ca16ba3139f984e96073705f3c6385afefc01899e6a93f0393701decd01efc

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                    Filesize

                                                                                                                                                                    16KB

                                                                                                                                                                    MD5

                                                                                                                                                                    f9a746d47a4ffafb1b2e6fad101cd962

                                                                                                                                                                    SHA1

                                                                                                                                                                    ec7ed127682c56fb0540622eb5b28f88b9f18bba

                                                                                                                                                                    SHA256

                                                                                                                                                                    0270fe1bbd11bdc2cb683ffed0524ec81764e39f199105607e8eec4b0c99e4c5

                                                                                                                                                                    SHA512

                                                                                                                                                                    5fc845b7839f0f87a91768c2a4fcea57edc481c73c70bddd4857c7d0bb11033196289438eff8650e63fd56ff517d73a9296d0145ff4ab8f15730494aa249313b

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                    Filesize

                                                                                                                                                                    16KB

                                                                                                                                                                    MD5

                                                                                                                                                                    e0654a35963377b63e5e93691dcf6783

                                                                                                                                                                    SHA1

                                                                                                                                                                    d432d90d6d2b2ea8df7c24cda327f4318f9ff9a0

                                                                                                                                                                    SHA256

                                                                                                                                                                    3466fadc80c0b793f2b53a1d703fd535c2c37975f9435ff7b327b11fa3082aee

                                                                                                                                                                    SHA512

                                                                                                                                                                    8fe285fe8b307d20732491a608beea8a32820094cb220a442c04328538c583858500911ce04925554555ca245b95391406f208717e595b1439ecf9405606cbe9

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                    Filesize

                                                                                                                                                                    4KB

                                                                                                                                                                    MD5

                                                                                                                                                                    a88b9b473c346034b373b7cfda0f7b47

                                                                                                                                                                    SHA1

                                                                                                                                                                    0a3d819266c14510d9de7ebd84fe70307d275392

                                                                                                                                                                    SHA256

                                                                                                                                                                    f71886382a0a36dbd3173e73a516dbbaf4fcca42a1785e45dd221ee6b28b84ba

                                                                                                                                                                    SHA512

                                                                                                                                                                    933552e67f8e2b7d45b35e6bff7e681e7cef8d553cca240fe4ea2e40971fd3cdc4cee131d6baa9183496a4186596a4c75e459a7434ac5feac082399da81033d1

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                    Filesize

                                                                                                                                                                    5KB

                                                                                                                                                                    MD5

                                                                                                                                                                    33ab2192927ae2bbe49d4de805732d33

                                                                                                                                                                    SHA1

                                                                                                                                                                    77b19a36d63ec1c42eebb0f8f47fb9ce30165dd6

                                                                                                                                                                    SHA256

                                                                                                                                                                    2e58cec3afcfb4007ee5a8e798ec8fa69fd102a860b28e8a692c12fb48a2d97f

                                                                                                                                                                    SHA512

                                                                                                                                                                    6247584dbb5624703b0c5c3e5e37d2d35ee8166112b02d831e9976c051153606806d8df02e9b2278f327955116fdc9d4885cf6b2bc3d2aefb093638bed4bba9f

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                    Filesize

                                                                                                                                                                    5KB

                                                                                                                                                                    MD5

                                                                                                                                                                    21ec854c91643a34bc91f42dbfed61bd

                                                                                                                                                                    SHA1

                                                                                                                                                                    d26c522fc1f3e6a99caab0a46b4c5bf6852179b4

                                                                                                                                                                    SHA256

                                                                                                                                                                    9e8791daa1c93c59f65b81907175e397697e298ae4f2b50565b02e91774c5b8b

                                                                                                                                                                    SHA512

                                                                                                                                                                    8d3303931ea28bdaa48a3d7a56123698eb8071d69a7a8030844e0af0a78a8370c32fb1f43214ca905c9520db6b4c1d7eebc929cd745d900eab21c6bd63f542d8

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                    Filesize

                                                                                                                                                                    3KB

                                                                                                                                                                    MD5

                                                                                                                                                                    2b6525e01cd622775b46f33fbe6c7cc0

                                                                                                                                                                    SHA1

                                                                                                                                                                    0232cad2984774fd0576138286f40483d4bb7dfc

                                                                                                                                                                    SHA256

                                                                                                                                                                    b68e3668c187481ecbb1fd1ac669a4faa0c58f8d7872b18ede26f9d92215299c

                                                                                                                                                                    SHA512

                                                                                                                                                                    6c4401426aa885d92e6220f3e8e16f57ebf06ca4789e22341f27b2fb85b5bafd8a3ad20658905d354f4cbaf05b45ebde74c6eeac59a9987d87aae85a137ca9f4

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                    Filesize

                                                                                                                                                                    4KB

                                                                                                                                                                    MD5

                                                                                                                                                                    57e74763a0487d23ae826227c7327111

                                                                                                                                                                    SHA1

                                                                                                                                                                    83e6d0c9061b197181089e1881da045bd3908503

                                                                                                                                                                    SHA256

                                                                                                                                                                    29c7f648d81b3e940e65576856748b5f1e7253ebe94c23b3c2dec5c08fda65f1

                                                                                                                                                                    SHA512

                                                                                                                                                                    0b8eee4ee4d0ac7f4bd3b0d6ef583f4424d54898a3a1500c826337f9ea06a7bdfce08cf5527320a5888b43f8c64aa25eb46260812f290573eb7a1596a4c9c0b2

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                    Filesize

                                                                                                                                                                    5KB

                                                                                                                                                                    MD5

                                                                                                                                                                    4d74e4100e9f0c514d7973824e1f32cf

                                                                                                                                                                    SHA1

                                                                                                                                                                    59e7a5f7b6e14dc5153111ab660c33e6a282fe12

                                                                                                                                                                    SHA256

                                                                                                                                                                    7b71faf071f572a910250c432ee04404f3ef2bf5e17f5fa5701966510fdfc746

                                                                                                                                                                    SHA512

                                                                                                                                                                    6d47edbf99cc4786e128fff6e6d01facb1c05bb14b82874418d633bd3c93e14226a4d0f5a392857f64dd65685f3a34d1ee6d046c8430b9a39f6a096aea30cc73

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                    Filesize

                                                                                                                                                                    4KB

                                                                                                                                                                    MD5

                                                                                                                                                                    12bc15a0935e8c20ba476748a593891e

                                                                                                                                                                    SHA1

                                                                                                                                                                    5dd51a5e4d27a681ec36b051e680b60ff045ecbc

                                                                                                                                                                    SHA256

                                                                                                                                                                    67527ae76ffb5560c42066717fcb91f261acdf369e8b57c50e3f5143696c527d

                                                                                                                                                                    SHA512

                                                                                                                                                                    0d4c122af67ba75bd412d44710dbb2658682e25299b3aa8d23440ebdee0b5a0e98de571683f440cb276ed80164a26697420f92294226698accb729f750d21797

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                    Filesize

                                                                                                                                                                    5KB

                                                                                                                                                                    MD5

                                                                                                                                                                    16918765bcd33f93239b0ccd2a124cf7

                                                                                                                                                                    SHA1

                                                                                                                                                                    e9cac474ab62c295add9e4b97dd1343f64386d3a

                                                                                                                                                                    SHA256

                                                                                                                                                                    8d42b3b290b099b003d86c6d837a24e24c1a5ac2c6c546a835dd25e9d2c6ac28

                                                                                                                                                                    SHA512

                                                                                                                                                                    01b40f125103c3a4e6efb68878bfa5cf496e072ab56d1ff2b93e2175491f973c46de0480eadac07d66fdcc6c3671fb5e4018fd0b585cf6cebbbca202f924705b

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c7f3.TMP
                                                                                                                                                                    Filesize

                                                                                                                                                                    1KB

                                                                                                                                                                    MD5

                                                                                                                                                                    1f69297caaf28a5209fe6c4f8cf31514

                                                                                                                                                                    SHA1

                                                                                                                                                                    1c54f4fbb3613775db329feb0c3e0467e412fb01

                                                                                                                                                                    SHA256

                                                                                                                                                                    e6381d93f65d9edf091bf13d0d4b7319cb1a66bc45ba91d2ea01ac900b9b629c

                                                                                                                                                                    SHA512

                                                                                                                                                                    8056eb066f9a092ac7bad1263196780c0e85e7ac7880b40fe63e4dea57a66bdeead040882d011bf8bce75ae73935acd38d37444a46379c6d524293d0b4476e7d

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                    Filesize

                                                                                                                                                                    16B

                                                                                                                                                                    MD5

                                                                                                                                                                    6752a1d65b201c13b62ea44016eb221f

                                                                                                                                                                    SHA1

                                                                                                                                                                    58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                                                                    SHA256

                                                                                                                                                                    0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                                                                    SHA512

                                                                                                                                                                    9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                    Filesize

                                                                                                                                                                    11KB

                                                                                                                                                                    MD5

                                                                                                                                                                    c048211431f93808565e47aa3a29afee

                                                                                                                                                                    SHA1

                                                                                                                                                                    ae741c532153a93713350b21e8f99fb1f4b82f9b

                                                                                                                                                                    SHA256

                                                                                                                                                                    5411cad524fd5d6cff32594289bcc4f1d43abfd60789104468d76d348724c296

                                                                                                                                                                    SHA512

                                                                                                                                                                    1151ff6048b683b0c9b6691885bdba3ebd703c3427e2715ed85c457748c4695d151f3ad15b043e6d7aed8d3f7ab9f71325487e55e9ef6701ac530d436afd1f86

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                    Filesize

                                                                                                                                                                    12KB

                                                                                                                                                                    MD5

                                                                                                                                                                    61140ea9c49e67de875bd2db876eccb7

                                                                                                                                                                    SHA1

                                                                                                                                                                    d0ddcc651210e7958e9dcf01db29321846110c01

                                                                                                                                                                    SHA256

                                                                                                                                                                    e5cece80ba5baa2b2ab5781d6e4be2229e569d8765daaa56a2ce8f8a063c7670

                                                                                                                                                                    SHA512

                                                                                                                                                                    a562a10f0e4c5e62421d124c3ab9ff46bc9aabdf7de3eb64bf41eff8b4264da2f1a768130acee112ba3e20d59f7795fff8d52f13b9c6d5c903d89c596767be7b

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\GamingRepair.exe
                                                                                                                                                                    Filesize

                                                                                                                                                                    565KB

                                                                                                                                                                    MD5

                                                                                                                                                                    debca559478b491bd58c4594657f4216

                                                                                                                                                                    SHA1

                                                                                                                                                                    b9b760b8dc7b969f1ce9a5fedd8f7441a55e6e22

                                                                                                                                                                    SHA256

                                                                                                                                                                    6de332811fc74b85637326edb00a03c7c8687f7ef5c73fecaee870e037dcc0da

                                                                                                                                                                    SHA512

                                                                                                                                                                    1af6215f5d2dbfbf52cc444d8b34d2fcd55a0c2c6c4c4ecf3e95c492157f03c94af66f7d4e607f1e47e3fb7845118db8841d7eb232acd34ed777751e94033cb9

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\Downloads\MinecraftInstaller.exe:Zone.Identifier
                                                                                                                                                                    Filesize

                                                                                                                                                                    26B

                                                                                                                                                                    MD5

                                                                                                                                                                    fbccf14d504b7b2dbcb5a5bda75bd93b

                                                                                                                                                                    SHA1

                                                                                                                                                                    d59fc84cdd5217c6cf74785703655f78da6b582b

                                                                                                                                                                    SHA256

                                                                                                                                                                    eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

                                                                                                                                                                    SHA512

                                                                                                                                                                    aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\Downloads\Unconfirmed 152222.crdownload
                                                                                                                                                                    Filesize

                                                                                                                                                                    338KB

                                                                                                                                                                    MD5

                                                                                                                                                                    04fb36199787f2e3e2135611a38321eb

                                                                                                                                                                    SHA1

                                                                                                                                                                    65559245709fe98052eb284577f1fd61c01ad20d

                                                                                                                                                                    SHA256

                                                                                                                                                                    d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9

                                                                                                                                                                    SHA512

                                                                                                                                                                    533d6603f6e2a77bd1b2c6591a135c4717753d53317c1be06e43774e896d9543bcd0ea6904a0688aa84b2d8424641d68994b1e7dc4aa46d66c36feecb6145444

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • C:\Users\Admin\Downloads\Unconfirmed 331590.crdownload
                                                                                                                                                                    Filesize

                                                                                                                                                                    32.3MB

                                                                                                                                                                    MD5

                                                                                                                                                                    e4deb3624e6d89f5f6ef22fedacc3f9a

                                                                                                                                                                    SHA1

                                                                                                                                                                    e0919c595923082f6ccf00fdd1fde3fca2d0c338

                                                                                                                                                                    SHA256

                                                                                                                                                                    e7b0b17e1ea03055fea83b1e6c7da387eb64ba064268140e3b33f1a15ee77eb7

                                                                                                                                                                    SHA512

                                                                                                                                                                    68a7304b531fa49998a0368c7d731549b155ca793237140b53dd9d190b7581c066f02f35bcdcd12e4bfbaae2ef560b1d75ec7a6d14fa3daa3a28b29dea0c3547

                                                                                                                                                                    Download Submit

                                                                                                                                                                  • memory/2304-1173-0x0000000007170000-0x0000000007332000-memory.dmp

                                                                                                                                                                    Filesize

                                                                                                                                                                    1.8MB

                                                                                                                                                                    Download

                                                                                                                                                                  • memory/2304-1175-0x0000000007E10000-0x0000000007E18000-memory.dmp

                                                                                                                                                                    Filesize

                                                                                                                                                                    32KB

                                                                                                                                                                    Download

                                                                                                                                                                  • memory/2304-1177-0x000000000AB70000-0x000000000AB78000-memory.dmp

                                                                                                                                                                    Filesize

                                                                                                                                                                    32KB

                                                                                                                                                                    Download

                                                                                                                                                                  • memory/2304-1178-0x000000000B470000-0x000000000B4A8000-memory.dmp

                                                                                                                                                                    Filesize

                                                                                                                                                                    224KB

                                                                                                                                                                    Download

                                                                                                                                                                  • memory/2304-1179-0x000000000B430000-0x000000000B43E000-memory.dmp

                                                                                                                                                                    Filesize

                                                                                                                                                                    56KB

                                                                                                                                                                    Download

                                                                                                                                                                  • memory/2304-1183-0x0000000007B30000-0x0000000007B3A000-memory.dmp

                                                                                                                                                                    Filesize

                                                                                                                                                                    40KB

                                                                                                                                                                    Download

                                                                                                                                                                  • memory/2304-1184-0x000000000B160000-0x000000000B186000-memory.dmp

                                                                                                                                                                    Filesize

                                                                                                                                                                    152KB

                                                                                                                                                                    Download

                                                                                                                                                                  • memory/2304-1163-0x00000000002E0000-0x0000000002338000-memory.dmp

                                                                                                                                                                    Filesize

                                                                                                                                                                    32.3MB

                                                                                                                                                                    Download