Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://vx-events.co...

windows10-2004-x64

10

Analysis

  • max time kernel
    81s
  • max time network
    83s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250217-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/02/2025, 18:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://vx-events.com/build.exe

Score
10/10
vidarir7amcredential_accessdiscoveryspywarestealer

Malware Config

Extracted

Family

vidar

Botnet

ir7am

C2

https://t.me/l793oy

https://steamcommunity.com/profiles/76561199829660832
Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0

Signatures

  • Detect Vidar Stealer 31 IoCs
    stealer
  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar
  • Vidar family
    vidar
  • Downloads MZ/PE file 1 IoCs
  • Uses browser remote debugging 2 TTPs 11 IoCs

    Can be used control the browser and steal sensitive information such as credentials and session cookies.

    credential_accessstealer
  • Executes dropped EXE 3 IoCs
  • Reads data files stored by FTP clients 2 TTPs

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer
  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Unsecured Credentials: Credentials In Files 1 TTPs

    Steal credentials from unsecured files.

    credential_accessstealer
  • Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
    spyware
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Suspicious use of SetThreadContext 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks processor information in registry 2 TTPs 5 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 23 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 52 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 63 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 32 IoCs
  • Suspicious use of AdjustPrivilegeToken 28 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://vx-events.com/build.exe
    1⤵
    • Enumerates system info in registry
    • NTFS ADS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1816
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffc108246f8,0x7ffc10824708,0x7ffc10824718
      2⤵
        PID:2000
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2000,2615990283811462997,15429823892090436554,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2
        2⤵
          PID:1744
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2000,2615990283811462997,15429823892090436554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3
          2⤵
          • Downloads MZ/PE file
          • Suspicious behavior: EnumeratesProcesses
          PID:2656
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2000,2615990283811462997,15429823892090436554,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8
          2⤵
            PID:5096
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,2615990283811462997,15429823892090436554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
            2⤵
              PID:4532
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,2615990283811462997,15429823892090436554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
              2⤵
                PID:4036
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2000,2615990283811462997,15429823892090436554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5408 /prefetch:8
                2⤵
                  PID:3592
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2000,2615990283811462997,15429823892090436554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5408 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:4004
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,2615990283811462997,15429823892090436554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1
                  2⤵
                    PID:852
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,2615990283811462997,15429823892090436554,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
                    2⤵
                      PID:3868
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2000,2615990283811462997,15429823892090436554,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5664 /prefetch:8
                      2⤵
                        PID:2352
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,2615990283811462997,15429823892090436554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
                        2⤵
                          PID:4680
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2000,2615990283811462997,15429823892090436554,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6176 /prefetch:8
                          2⤵
                            PID:3604
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,2615990283811462997,15429823892090436554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6340 /prefetch:1
                            2⤵
                              PID:1684
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,2615990283811462997,15429823892090436554,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1
                              2⤵
                                PID:1620
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2000,2615990283811462997,15429823892090436554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5956 /prefetch:8
                                2⤵
                                • Suspicious behavior: EnumeratesProcesses
                                PID:5944
                            • C:\Windows\System32\CompPkgSrv.exe
                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                              1⤵
                                PID:5056
                              • C:\Windows\System32\CompPkgSrv.exe
                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                1⤵
                                  PID:4092
                                • C:\Windows\System32\rundll32.exe
                                  C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                  1⤵
                                    PID:2196
                                  • C:\Users\Admin\Desktop\build.exe
                                    "C:\Users\Admin\Desktop\build.exe"
                                    1⤵
                                    • Executes dropped EXE
                                    • Suspicious use of SetThreadContext
                                    • System Location Discovery: System Language Discovery
                                    PID:4484
                                    • C:\Users\Admin\Desktop\build.exe
                                      "C:\Users\Admin\Desktop\build.exe"
                                      2⤵
                                      • Executes dropped EXE
                                      PID:5684
                                    • C:\Users\Admin\Desktop\build.exe
                                      "C:\Users\Admin\Desktop\build.exe"
                                      2⤵
                                      • Executes dropped EXE
                                      • System Location Discovery: System Language Discovery
                                      • Checks processor information in registry
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:5672
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                        3⤵
                                        • Uses browser remote debugging
                                        • Enumerates system info in registry
                                        • Modifies data under HKEY_USERS
                                        • Suspicious behavior: EnumeratesProcesses
                                        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                        • Suspicious use of AdjustPrivilegeToken
                                        • Suspicious use of FindShellTrayWindow
                                        PID:3356
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffc01f9cc40,0x7ffc01f9cc4c,0x7ffc01f9cc58
                                          4⤵
                                            PID:1112
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1828,i,8375650903854925524,7754470462096500580,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=1820 /prefetch:2
                                            4⤵
                                              PID:5288
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2184,i,8375650903854925524,7754470462096500580,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2616 /prefetch:3
                                              4⤵
                                                PID:5368
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2220,i,8375650903854925524,7754470462096500580,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2644 /prefetch:8
                                                4⤵
                                                  PID:4648
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --remote-debugging-port=9223 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3240,i,8375650903854925524,7754470462096500580,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3252 /prefetch:1
                                                  4⤵
                                                  • Uses browser remote debugging
                                                  PID:5544
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --remote-debugging-port=9223 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3272,i,8375650903854925524,7754470462096500580,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3352 /prefetch:1
                                                  4⤵
                                                  • Uses browser remote debugging
                                                  PID:5556
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --remote-debugging-port=9223 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4452,i,8375650903854925524,7754470462096500580,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3700 /prefetch:1
                                                  4⤵
                                                  • Uses browser remote debugging
                                                  PID:4364
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4604,i,8375650903854925524,7754470462096500580,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4576 /prefetch:8
                                                  4⤵
                                                    PID:2940
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4788,i,8375650903854925524,7754470462096500580,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4652 /prefetch:8
                                                    4⤵
                                                      PID:4288
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4980,i,8375650903854925524,7754470462096500580,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3888 /prefetch:8
                                                      4⤵
                                                        PID:2408
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5040,i,8375650903854925524,7754470462096500580,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5068 /prefetch:8
                                                        4⤵
                                                          PID:3232
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5008,i,8375650903854925524,7754470462096500580,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5068 /prefetch:8
                                                          4⤵
                                                            PID:4188
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5176,i,8375650903854925524,7754470462096500580,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5020 /prefetch:8
                                                            4⤵
                                                              PID:872
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5016,i,8375650903854925524,7754470462096500580,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5148 /prefetch:8
                                                              4⤵
                                                                PID:6124
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4556,i,8375650903854925524,7754470462096500580,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5132 /prefetch:8
                                                                4⤵
                                                                  PID:1928
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --remote-debugging-port=9223 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5192,i,8375650903854925524,7754470462096500580,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5288 /prefetch:2
                                                                  4⤵
                                                                  • Uses browser remote debugging
                                                                  PID:4684
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                                3⤵
                                                                • Uses browser remote debugging
                                                                PID:6808
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0xd4,0x124,0xfc,0x128,0x7ffc108246f8,0x7ffc10824708,0x7ffc10824718
                                                                  4⤵
                                                                    PID:6864
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1416,352344043346011063,13001688477613859819,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 /prefetch:3
                                                                    4⤵
                                                                      PID:4968
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                                    3⤵
                                                                    • Uses browser remote debugging
                                                                    • Enumerates system info in registry
                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                    PID:5268
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc108246f8,0x7ffc10824708,0x7ffc10824718
                                                                      4⤵
                                                                      • Checks processor information in registry
                                                                      • Enumerates system info in registry
                                                                      • Suspicious behavior: EnumeratesProcesses
                                                                      PID:5360
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2248,18337987373669667271,8089235417505869193,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2260 /prefetch:2
                                                                      4⤵
                                                                        PID:4792
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2248,18337987373669667271,8089235417505869193,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 /prefetch:3
                                                                        4⤵
                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                        PID:440
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2248,18337987373669667271,8089235417505869193,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2672 /prefetch:8
                                                                        4⤵
                                                                          PID:6044
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=9223 --field-trial-handle=2248,18337987373669667271,8089235417505869193,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
                                                                          4⤵
                                                                          • Uses browser remote debugging
                                                                          PID:7156
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=9223 --field-trial-handle=2248,18337987373669667271,8089235417505869193,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
                                                                          4⤵
                                                                          • Uses browser remote debugging
                                                                          PID:5104
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=9223 --field-trial-handle=2248,18337987373669667271,8089235417505869193,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:1
                                                                          4⤵
                                                                          • Uses browser remote debugging
                                                                          PID:6228
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=9223 --field-trial-handle=2248,18337987373669667271,8089235417505869193,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1
                                                                          4⤵
                                                                          • Uses browser remote debugging
                                                                          PID:6488
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2248,18337987373669667271,8089235417505869193,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2272 /prefetch:2
                                                                          4⤵
                                                                            PID:6640
                                                                      • C:\Windows\SysWOW64\WerFault.exe
                                                                        C:\Windows\SysWOW64\WerFault.exe -u -p 4484 -s 772
                                                                        2⤵
                                                                        • Program crash
                                                                        PID:5992
                                                                    • C:\Windows\SysWOW64\WerFault.exe
                                                                      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4484 -ip 4484
                                                                      1⤵
                                                                        PID:5912
                                                                      • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                                                                        "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                                                                        1⤵
                                                                          PID:3404
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe"
                                                                          1⤵
                                                                            PID:3800
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffc01f9cc40,0x7ffc01f9cc4c,0x7ffc01f9cc58
                                                                              2⤵
                                                                                PID:4524
                                                                            • C:\Windows\system32\svchost.exe
                                                                              C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                                                                              1⤵
                                                                                PID:3404
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                                                                1⤵
                                                                                • Enumerates system info in registry
                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                • Suspicious use of FindShellTrayWindow
                                                                                • Suspicious use of SendNotifyMessage
                                                                                PID:3000
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc108246f8,0x7ffc10824708,0x7ffc10824718
                                                                                  2⤵
                                                                                    PID:2852
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,7944080785531964303,8138037621034158540,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2212 /prefetch:2
                                                                                    2⤵
                                                                                      PID:3400
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,7944080785531964303,8138037621034158540,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2316 /prefetch:3
                                                                                      2⤵
                                                                                      • Suspicious behavior: EnumeratesProcesses
                                                                                      PID:6040
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2188,7944080785531964303,8138037621034158540,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2940 /prefetch:8
                                                                                      2⤵
                                                                                        PID:1660
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,7944080785531964303,8138037621034158540,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
                                                                                        2⤵
                                                                                          PID:4188
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,7944080785531964303,8138037621034158540,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3624 /prefetch:1
                                                                                          2⤵
                                                                                            PID:5012
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,7944080785531964303,8138037621034158540,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
                                                                                            2⤵
                                                                                              PID:6484
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,7944080785531964303,8138037621034158540,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1
                                                                                              2⤵
                                                                                                PID:6492
                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                              1⤵
                                                                                                PID:1548
                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                1⤵
                                                                                                  PID:6212
                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe"
                                                                                                  1⤵
                                                                                                  • Enumerates system info in registry
                                                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                                                  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                  • Suspicious use of AdjustPrivilegeToken
                                                                                                  • Suspicious use of SendNotifyMessage
                                                                                                  PID:6372
                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc01f9cc40,0x7ffc01f9cc4c,0x7ffc01f9cc58
                                                                                                    2⤵
                                                                                                      PID:6384
                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2316,i,5595647612289314298,15342622765960606224,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2312 /prefetch:2
                                                                                                      2⤵
                                                                                                        PID:6684
                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1720,i,5595647612289314298,15342622765960606224,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2508 /prefetch:3
                                                                                                        2⤵
                                                                                                          PID:6692
                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1312,i,5595647612289314298,15342622765960606224,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2524 /prefetch:8
                                                                                                          2⤵
                                                                                                            PID:6700
                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3080,i,5595647612289314298,15342622765960606224,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3124 /prefetch:1
                                                                                                            2⤵
                                                                                                              PID:6952
                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3088,i,5595647612289314298,15342622765960606224,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3156 /prefetch:1
                                                                                                              2⤵
                                                                                                                PID:6972
                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4576,i,5595647612289314298,15342622765960606224,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4500 /prefetch:1
                                                                                                                2⤵
                                                                                                                  PID:3456
                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4568,i,5595647612289314298,15342622765960606224,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4580 /prefetch:8
                                                                                                                  2⤵
                                                                                                                    PID:6196
                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4836,i,5595647612289314298,15342622765960606224,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4852 /prefetch:8
                                                                                                                    2⤵
                                                                                                                      PID:5344
                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4844,i,5595647612289314298,15342622765960606224,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4876 /prefetch:8
                                                                                                                      2⤵
                                                                                                                        PID:5424
                                                                                                                    • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                                                                                                                      "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                                                                                                                      1⤵
                                                                                                                        PID:7064
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                                                                                                        1⤵
                                                                                                                        • Enumerates system info in registry
                                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                                        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                        PID:1292
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffc108246f8,0x7ffc10824708,0x7ffc10824718
                                                                                                                          2⤵
                                                                                                                            PID:4780
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,7190247940288068563,14006351010957840781,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
                                                                                                                            2⤵
                                                                                                                              PID:1244
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,7190247940288068563,14006351010957840781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
                                                                                                                              2⤵
                                                                                                                              • Suspicious behavior: EnumeratesProcesses
                                                                                                                              PID:464
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,7190247940288068563,14006351010957840781,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2772 /prefetch:8
                                                                                                                              2⤵
                                                                                                                                PID:2368
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,7190247940288068563,14006351010957840781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
                                                                                                                                2⤵
                                                                                                                                  PID:3224
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,7190247940288068563,14006351010957840781,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
                                                                                                                                  2⤵
                                                                                                                                    PID:6172
                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,7190247940288068563,14006351010957840781,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1
                                                                                                                                    2⤵
                                                                                                                                      PID:6860
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,7190247940288068563,14006351010957840781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3600 /prefetch:8
                                                                                                                                      2⤵
                                                                                                                                        PID:1296
                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,7190247940288068563,14006351010957840781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3600 /prefetch:8
                                                                                                                                        2⤵
                                                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                                                        PID:1968
                                                                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                      1⤵
                                                                                                                                        PID:6316
                                                                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                        1⤵
                                                                                                                                          PID:5328
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                                                                                                                          1⤵
                                                                                                                                            PID:852
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc108246f8,0x7ffc10824708,0x7ffc10824718
                                                                                                                                              2⤵
                                                                                                                                                PID:6912
                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,8903761264080183532,7191155479688625479,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
                                                                                                                                                2⤵
                                                                                                                                                  PID:7112
                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,8903761264080183532,7191155479688625479,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3
                                                                                                                                                  2⤵
                                                                                                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                  PID:7144
                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                                                                                                                                1⤵
                                                                                                                                                  PID:4600
                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc108246f8,0x7ffc10824708,0x7ffc10824718
                                                                                                                                                    2⤵
                                                                                                                                                      PID:6340
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,5535594560407916396,3504860911006002135,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1556 /prefetch:2
                                                                                                                                                      2⤵
                                                                                                                                                        PID:6844
                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,5535594560407916396,3504860911006002135,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
                                                                                                                                                        2⤵
                                                                                                                                                          PID:7028
                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                                                                                                                                        1⤵
                                                                                                                                                        • Enumerates system info in registry
                                                                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                                                        PID:6376
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc108246f8,0x7ffc10824708,0x7ffc10824718
                                                                                                                                                          2⤵
                                                                                                                                                            PID:4556
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,17534837219762691961,837405874339542554,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
                                                                                                                                                            2⤵
                                                                                                                                                              PID:1816
                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,17534837219762691961,837405874339542554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
                                                                                                                                                              2⤵
                                                                                                                                                              • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                              PID:4900
                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2148,17534837219762691961,837405874339542554,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2496 /prefetch:8
                                                                                                                                                              2⤵
                                                                                                                                                                PID:6908
                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,17534837219762691961,837405874339542554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
                                                                                                                                                                2⤵
                                                                                                                                                                  PID:5680
                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,17534837219762691961,837405874339542554,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
                                                                                                                                                                  2⤵
                                                                                                                                                                    PID:5660
                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,17534837219762691961,837405874339542554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1
                                                                                                                                                                    2⤵
                                                                                                                                                                      PID:1732
                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,17534837219762691961,837405874339542554,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
                                                                                                                                                                      2⤵
                                                                                                                                                                        PID:4996
                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,17534837219762691961,837405874339542554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1
                                                                                                                                                                        2⤵
                                                                                                                                                                          PID:5696
                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,17534837219762691961,837405874339542554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3664 /prefetch:8
                                                                                                                                                                          2⤵
                                                                                                                                                                            PID:3668
                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,17534837219762691961,837405874339542554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3664 /prefetch:8
                                                                                                                                                                            2⤵
                                                                                                                                                                            • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                            PID:4456
                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,17534837219762691961,837405874339542554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
                                                                                                                                                                            2⤵
                                                                                                                                                                              PID:4616
                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,17534837219762691961,837405874339542554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3792 /prefetch:1
                                                                                                                                                                              2⤵
                                                                                                                                                                                PID:6848
                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2148,17534837219762691961,837405874339542554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6192 /prefetch:8
                                                                                                                                                                                2⤵
                                                                                                                                                                                • Modifies registry class
                                                                                                                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                • Suspicious behavior: GetForegroundWindowSpam
                                                                                                                                                                                • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                PID:6652
                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                                                                                                                                                              1⤵
                                                                                                                                                                                PID:6884
                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc108246f8,0x7ffc10824708,0x7ffc10824718
                                                                                                                                                                                  2⤵
                                                                                                                                                                                    PID:1340
                                                                                                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                  1⤵
                                                                                                                                                                                    PID:6292
                                                                                                                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                    1⤵
                                                                                                                                                                                      PID:6280

                                                                                                                                                                                    Network

                                                                                                                                                                                    MITRE ATT&CK Enterprise v15

                                                                                                                                                                                    Replay Monitor

                                                                                                                                                                                    Loading Replay Monitor...

                                                                                                                                                                                    Downloads

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      40B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      58bb69f9d75e86e708b20677f65a700e

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      23d0b3aab4cf783ae37883bb3a6c87e0dcad16b2

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      a2409565f662165c6fc51f545fa20a4d8a8df11dac1f2d8f0fa451bfbf405ff9

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      d3d88d0fca7c56f1d85b29201687b9b7bc9d6e4e35ed6f4ec8e8e8f9b325746343cc958a326a256ef0b0b336ad82ef8e6c3a38c5a3dacdc3e4733416a7958175

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      649B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      84d35de67fdc772e470286c573461e03

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      ce42be8941a88c9627241734a0bfe3c37c9dae17

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      34cac1980c7eced032db9d630fd7339bb9b370c86e67bc815e555b285bad2ef5

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      a06c7d95d0b51bef6f91c62194f13bede5d84eb059dbb5df0e62562c2e6c867b6f6ec2a842e7bb888cd67a56314d9de5e9e6cb80f101810f74365799723cb4d0

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\_locales\en_CA\messages.json
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      851B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      07ffbe5f24ca348723ff8c6c488abfb8

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      6dc2851e39b2ee38f88cf5c35a90171dbea5b690

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\dasherSettingSchema.json
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      854B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      4ec1df2da46182103d2ffc3b92d20ca5

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      fb9d1ba3710cf31a87165317c6edc110e98994ce

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      2KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      e8955782af432cb6e69bf4e34e48187b

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      feb7ca4754205adc0846abf191f97b64251ab08e

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      58117e5c7d753967711f3dc9cda418053259f3591dc1d6e6372f12e309752c4f

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      fc2916af7c2291028ac7c059e0992ee42647a1dce0ce69c66c12e08db76b85d71e2657ad3df91e21fcd92b5c7d7d6256a3cac824e566717050dfa30b6b44ec85

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      2B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      d751713988987e9331980363e24189ce

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      97d170e1550eee4afc0af065b78cda302a97674c

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      356B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      2756785f6c94f114a1f7bd2bac592a07

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      a194069a0b6db6b04d1bc5f8103753cf41c5e140

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      038579d526009f3550ff74c6cfa459498038f2fa3b803c63b38c67a2742253c8

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      6802aa6ad40d7fa900d3e6d46f03143198c6bbc8e2f482229a95c1d6cde39032dd62d30f09663544d0e40c2a4fb1a87d5503405b60ee97c87aea7ece1f5525f5

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      9KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      4ee3c386d6e6a55d17d5ac6e984520fc

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      28e323e66fc1f2ad8ada0f7a2149069e0a784cda

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      7346cf7286b8c32f347d16358ed72ae3ce4123c9ce368979883632ceb7d3b734

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      3d918e418e658cf008ca883fa25ad8662b912f155fbc112af76a5607f4c9a7d4261e997386de5c8fe2ec8c2051659023d159cd91b8cc6afd119a51c9132067bf

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      123KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      9216393d274b048762590aedbe2f8b29

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      ba7c403ccb764e2aee2e2beb58a0aaa30f5202e7

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      40e2d1de146d8066fbb35421e41b6d81d125b97253f1163348c558143c60af1d

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      a7239d82082d750e9aa5a52299e1d45aa35be5d9b7b7c17a6aa1217bfe335176dd7807ea8c5cf8fcd94d41bd3c015356c0d3a0e4381df24c42342c478a065b4e

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\74ed81b5-b4fb-4f9b-9f4d-c4ba2885ea5a.dmp
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      888KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      360d64583e433cdaaae23be78f2a7714

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      d7cbf1d02fc52473636df5ea1460974157c117b1

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      58996dbb26abb08d658c3423ea346234fd64af288bd19728a4630de84a241d0c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      361d5ad5451922a01f717f70eb04bdec80a3688fc71f477339a8fb4367d72b5c631991514120d120f5c7d6f60098e05505b4d36957636f3afe04c13e5992ae5b

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      152B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      e4e54650fb0a7903f379034c9d82ac20

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      d919492abb1872dadf1cd7bb06ee2b5015054077

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      e5f9de12025a9ba17526352d4087a562df4db1a174441a12473fef875b8523e6

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      06da3dcaf3033c152da33c0c5b633a759317ba9846deff164830364f7482057ff80870e0da0037601bdbda679952a527ffae6d4714d38b5ce89ea8e5395a707c

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      152B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      aa378723292221de057e05f75936b4c2

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      d1d52fca8f9ce32735017b9ef3e76c3be33fc2a6

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      48c30b3381ea9417e0c9e02534294378d28d61b6a382294d8096dd5417b6982b

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      f150891a568036089dd727d5d8613fd86e0b528f95ca2887a1be937f59f0e450f2d79fb8b63149abdc47b72bf20085b444e8f8188e221a6fefba08149c7360fd

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      152B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      074e77caad8501493fec7ed422082896

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      24a6435c75643dbfd07571e138d80412f064d21c

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      596a12d60c6efd72c9c4f7c3c420c94a6e3c6674a1d066b8bfc653c9ce2b9136

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      5be5169500850cffdbba5b4a2421940591a56f61a58d227a7888ad6eb7a4c453391def929e7fd9e986beece4363c9a1ace7fc55cd44ab90f534bcb0e25bd0900

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      152B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      4b69db8e7a50fa87eff0b7140eac29db

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      5dfbe5cea801a847162707b3a350e3811892e45d

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      3d8fbab7fca1dc09e8ca447fc33ef0ec5ff8cb599370c8399bf699b98874640d

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      537002517b867534dba48817f963a9e18c612098b113055ca50cd8063d9ffa1c198b58e6a21f2dcffafbb0f6f83eb49a12170506855bf9666fd2c4815b46657c

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      152B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      287c76c3924312fb0765c40bc335fbff

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      b1eec526644687d1e7bd20f696c49d4a462bb50e

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      ddb3e99f3d65cb09ab331c87d8ef3a712646bb93d85b411e12decf7370e5b8d9

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      ab52772e32472bda3fde6edbb36ace1f40b57fe715d4ee5600920ed113d46ce76e78a72abedd763aa0c7ee4b714f2b15191833f9cf4b5d82a55833671893e7cd

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      152B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      1ee911d3d9a729e7fe3639b3e5856e24

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      c1c1057260886f7ff5d75a01d25c128aef8a1b7c

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      b0639aec697a0200e8d4b14c2c185510b449f42bc5310ce2bc902db219d48867

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      b502cd532794ef9b1e9c913333678d4a15cbdc22227821576a60fc46f166b22d17d879fbdebc71c9c8b928241999e1475a3e97809bf611f105815e05b147b44e

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      152B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      798077b6b0b084294c904801e494477f

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      256e4d24a6250d7c7349e78262a876ac3252cc43

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      dbe382fc5f21a1b408121e87a2a080e711e085d0c22ab6ea5eba388e5ade4b19

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      946fa0058074e1316cb7f631d4772143754dc2d9b5f49f085e814fc3abb1c2c0e486c054cc761bad159d02fa44de9671103b517b7f958f6b9d0f6be7838e21b2

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      44KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      3e7c0c565e1ca97c0d18e89f278755fa

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      3361be4273357d1f9840f671479ab259fb84571c

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      ee669b63e0e919d5dc078f57502e06ac419f53a4101d518d6ea99e31fdc61155

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      884b79935ea620cdb9f1d18eb971032a9281a5a8f29a63d204604cfb99cef9bdf44437e2a826c7b6c1248e2c5194703d07212ba5330f951531a678d4c463d0f3

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      264KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      64bd308783d5be3fa0f77e5e9ae765f1

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      719a068a2b51f6be456c39883ef3b0b809af6428

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      164a4a8a90d11fbee883d75f8ece3e085a1e6f4316108a73dd4849472d11bbaf

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      51fffd4d5a6d30dd24c8ff8689ca4db7aca53f72f52c16a325a3d72bf69fb7cc00ebfbcae82a8da7696be2d46acce62aec15457f147491d06a110ecb8349bd89

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      1.0MB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      61a839e641960bc922769cb666e8a2c5

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      4a8d3e2a426e0736eb7064d51539c4f5d8c0e85e

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      316ac1cbd5303ac9fa2167d3c695ae418e934887d274f9be278342b7f12d781a

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      e818ec921e264744b01d6793620505b359e5974b8f9362cf9e6f0271288da2f1c014c7cb7d012bbe18dbb83295f0829bd56d9ba111fe8779f1f6d3a40c910825

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      319B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      09caa47f27b7cfce1cc91eaf45a74b77

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      fad8fa7fac0cd12f4bf57c34cec29ad497a74c66

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      d135e30e1c62df5dc69ca678c0910ab2a46869edd209fbcfb19f5c9d3deb57d6

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      a9ad775f06d9dbf8875bfc92a4ff555640ce6c4111d8a24620b2513993155d77a0096be45aeae62dc3580994d9bea68fba1268bf5511f12d55ccae81a186c2e3

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      124KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      25c5c4e21f172f154cc4161283db6cde

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      bb310c8f173a5585b7e57fc25f1346b5812b220e

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      d29bf84af9df6a4a2669711d3e65a856762e1a2bbe007e8c821a2c72daa13b6c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      62dbfd7e108070c43ba6c62fbf03192eaad124f944b13397568832f91b17f887623eae9690004747d4aa75d5d511b88aeb47bf87ef032779d1009d9faf325c0c

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      6B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      a9851aa4c3c8af2d1bd8834201b2ba51

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      fa95986f7ebfac4aab3b261d3ed0a21b142e91fc

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      e708be5e34097c8b4b6ecb50ead7705843d0dc4b0779b95ef57073d80f36c191

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      41a1b4d650ff55b164f3db02c8440f044c4ec31d8ddbbbf56195d4e27473c6b1379dfad3581e16429650e2364791f5c19aae723efc11986bb986ef262538b818

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      334B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      f2c92d6e619fde1dca21461db490bc9c

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      0f639e5f0b66294554f732ed4e7d2515ba7da836

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      e4b2b7c8589b5d38f322aefe46c3c40bc0544ee7cc1fbf32a6cdc223569191a0

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      cb4099a9b6ebddc333c5821533f4e397a7414f111cc121c6cfe684a54744aa6e172991fd88a9c8a3a8291bcc41dc268294b93ccc1252a9b0168538b8e25e7a71

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      5KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      0ac1b1e41dba4545326356d3db36b736

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      f012c6c5fea6b272f1a479225fe8ba4ec5d8dc70

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      ea73f777220e93cb9a147d4ac84e798ca926cdd24debd769f3a09e9f4050a960

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      83b085c49ed8cd210ef840297c5b00d0c532c291de377bfd1d448ed646bf0e7dd2fd12d2e53665599fc87189d25fa76d2673869adb07a316e9bb5ec173e627e8

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      5KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      88085ba2102fdfedde63a7faa5cd143c

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      14858fa7ba15dbc790044680eb7f10efa987b889

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      abd6f4d56485fbe264be0c8ba4d0b16b3500e34dcfc6f91df0d0a4100405c92d

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      4d4cfa9eb47a7590fa9cf55fbe91e726366a4373af9213add98bfaced70474873675f4f58b186b8bd2f17ee8c63b0d408e70d20493d37061312e7de5fca31d3f

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      6KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      ee7b89126583138f93315f12ac7eb2ba

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      69197eefeab399bab390d805a75a6547b6f0a353

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      82417cecc293b6e291df409d2adf67e76fc7a762612f64976df6b9316ed2e48d

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      15368b6642b898289775fac62ff17ac93ae745a6e4a5f101451ccfe8388b5a12b5644667c9d5c6c7e75c62040842815513a8d4bd15845623c4c8778639cfe6b4

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      7KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      075d55990ace4729d404bbd6c91607c6

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      0b6fb3ee49270f0db54fe5aac486f21870104fb2

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      af05bf61fded6eb46615bc425fd443279912188b844d1d0a00a81a7e468e485e

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      be2e47367ef28bfb0f2823c711df72eba9436c989036fe7612030a3832e64e75d72dff1944bc407d763f03aec2b50ecb382237918e04a703d478438590d95759

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      6KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      9c685265c6ae1f186a8a7261d9809c47

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      7fc2441cbfe53813844d096b9de69c6dde87ad1a

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      7ed2a27f2cef554551bdbd3db29a0453f4bf80b75abfc21197e57976e508f9d7

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      be16c1b2007cf292cd543cf65f5e96895a5eb9aea9c937e8bc202df3c7e26a4d944a5733d898d34731e5d84147a82dac08f27455ec83e7d4b91def9e4775bacb

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      6KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      e353d187ed0f8f3c89fd18e2bf2bff63

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      f68531c57a28ec61ba0ab86e97f3f297dd97d73d

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      c827c86da21cd0a102479c2cd975609370f432623f3cbd65449c1a1abd41c474

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      487523d0559045ab4843e6b74857a9e71614fb33493b7e4111ad99cedf6485a78983fe811f3a8012aae0e27780640d0f1249b6d87da65c6ef64bedc66e1fee50

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      6KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      6421cf38ec7020782e881d2504b5bc2b

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      479591363b2a2633e87237e2922556a4caad5d76

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      8d2587a4a0b7d4e1752b3e073956c94b410820948dfd5ecd6a124cb1dddc377c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      258b9b62d22c5a8106d3c0cfd3d32262876230a504b1c82395e8b4066f89ce4c1800ecf22a40c5f137017641be8b39be1c5824868dbb694f31da4f95fc990a0d

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      6KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      a40c0cc17cb971fea2283ce88a3e4828

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      fda768afffc0c4f11c2deef3204ea3e46fd9ce10

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      36ef3777ca5fd915b351ee324dd2afcb87f0dc2a973ed2bd81cdf363934df8f6

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      0a90c00d4371ef934c207adfaad869d1e0a2e88ad1dedd904cfe9fe80ec9c1a8822488cb2e27b2ff7365abc1913f2d753c3fc4c839705032788bee7e76e98cd3

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      24KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      12998953cab3415bfd740ab071b9889e

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      b919bede30bfaccd6f058062ef2483e136f23077

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      015eb45910f2258fbf839b8f0188e679555a70f90de7fa6828e49b4e328c2259

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      912e9c06836623ab1a75b9ba7670454f8ba129811478a35561d6a16b5291b6ef34a206af810e5877c49464c264661bfa37666dc7360afdd906b63093582ede58

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      175B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      6153ae3a389cfba4b2fe34025943ec59

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      c5762dbae34261a19ec867ffea81551757373785

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      93c2b2b9ce1d2a2f28fac5aadc19c713b567df08eaeef4167b6543a1cd094a61

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      f2367664799162966368c4a480df6eb4205522eaae32d861217ba8ed7cfabacbfbb0f7c66433ff6d31ec9638da66e727e04c2239d7c6a0d5fd3356230e09ab6c

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      319B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      9b9f022deea46f9788a14f8bf8237a13

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      e9b187c1c10029907ddcaca4614ea18c58902486

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      6194331a9c8198364eb81ca2be2bd1fb938363bb2c9e651f2af445b8e5b0f66c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      e68c5abbb627c3f1e247cdbe6790c45d816bd405fea2a1f19ddc7318b5c244049927eca532e228646db44c4259b9646655c0cb38d668e842576af05ddf3c3ef3

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13385066908403783
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      933B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      9ee52c296425d665287d2d2895773f59

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      5080f7df3fa3349180f15787eace9fdbdbba78b9

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      47f0cde3c60c8cd79435beb3e6b8af2229e3eee14bae83307722fbbbd28a5126

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      9c96adf1461c031c5ac63ba40cd80a71388bc4f3f9b45dc7a5234eb2d918746251af7391a7b8db9a140f6a94c1e37ee5431d088860c25aba3f6b70817aee7c38

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      347B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      f447729a5cf8a52e7cc23854794cbd13

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      e59ed899cd2d6cd4d05454afacf4259cb8002037

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      e27a07c9586fb68e51c074c60e750fa21cc7df8b62327a3214dd3eda92cefcda

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      d43f7b23c6c78ec5cce2dfbae5470fb2eda012a214a44f7d53c368caa7f850737a07a0897f8c963a5c5e6cb486750d1f3fcca2e3a12ff810ec03734b84f1461a

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      323B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      e12d826095e57a59dd85b214738eae7a

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      8b190ff1bf5d0f915dea4ff47bf1a2b1aadda0aa

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      1ea1bb922615efd5046eed88cf1d9c9d1e123d1ea241cd3ef1d81e2ce9e26f86

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      13de31166bb137d602889f9c68e21d8a4490dd519f65857418ba9523a8358a7829a91f1506c74661160504aff0cbcebc4082d107b5437fd7bd92b41f4bf5a6b8

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      16B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      46295cac801e5d4857d09837238a6394

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      16B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      206702161f94c5cd39fadd03f4014d98

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      16B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      6752a1d65b201c13b62ea44016eb221f

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      16B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      aefd77f47fb84fae5ea194496b44c67a

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      dcfbb6a5b8d05662c4858664f81693bb7f803b82

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      44KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      b36cabf98625f570493d41234c5f7dcc

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      180267df08f369c3936f8cb927e19e8088da0521

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      d919b44fd59cf59ae1da541d1b11b6818e56a23922c3588951c90e5535ee8b00

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      319511a9e9612d644abcbe1d6617edf3739250c97d423ea54ad280ab77d95dacb32f13ccb72a5e74957d7e5236e6efc04807c2b0a444dc424ebcfd563564d30e

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      3KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      1cf7ecafc8039663702fdb572b1aa5e3

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      e2ebbabf5705bd093bb91974f84442166509d699

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      282f1557577fdc39d79ee5767ac16745780e6476cc4c95f17745cbf6f76f769c

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      cf1e5d4303edb7a60fced3ee7b2d22300e13b0d5e91dc0ac2d98e322012d25af960c4981f5dc3767ce5bc7887e831f588cd409941cc8658b6df77d35ed97daf2

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      319B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      79427fdb1e3134ec0b39a53ee6875a23

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      5f5820e976a51d517232f8056a1817de6c19aa2e

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      162c99c096a8373582d99cdae29ec6cbb5781637a980f751415df75364160661

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      0807713cd5d716214cb6fb8c281b08c048beaaa05de3dbe7768c406fc7daae19ff6bd106fd7e9cde62a0f941c1082a40218232afa57ac9bfc8dd994130842d3f

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      594B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      56cf5433253f370173f84ca8f390616f

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      c9ee88c04bc467bc8dc4859ab21cf7383768d737

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      75b32765cf5c73b73f93437e00e8a9d52dce5b4c07cff958289ea53a5b816fff

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      55280a8888fa98855571e661d835daa279ff9028386498ef6bc1e0522f27aa2093d63a5b9e34b74e7fd3ae670c6f68519f2c0d33a9ac2647ac7869d2f98727c9

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      337B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      57ef02a77584c1d7179fd77d456ba0ae

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      e8a3964ab6b580c6e390b34f358329c92a0e92a5

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      2cac810eccc6f244c31f51967a6f47268aa8130c031d81beb2ba46ab318413ff

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      9b3d39667d25643fba6e0a72ad12e4fe53b137198c601218d8720a295b1d9502871a18753bf14085956d5a0f8291ecaf7fcba6f6c353a5af8dfa4691b836ce19

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      44KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      aa53929ade304f907ae114021083d5df

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      3f552e11300a7dda22330220ef0aafdd7e56eeea

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      8ba27d9e05b46f697d923da10e9919ea714615e3e44a8e439004be0f18abc651

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      48f6c3a1726bedb14eefc137b8c874a7cedc408b4c884e0ef866eba852a60770f6290a8cbeec285ffb678a2488661f8e936ed6ccef863c97b638c144be47379f

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      264KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      921cf5e66f0731dea8b560c52e190bc4

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      e99e425b8e8a4027a053be581122c376640e73a0

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      612ad013a9a5a7ef286640fa44f7a79f336a8c0a08afe175874b7bcaf543bce9

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      af52e74924cdcae09d9657a3d5773bc126a7653558a1fc138c3ff8dfba5cfa69a2da410e20c9f9fa313fa99b577ee7d12ce93b82efd0ae0e516ffa5c5efa2350

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      11B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      838a7b32aefb618130392bc7d006aa2e

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      5159e0f18c9e68f0e75e2239875aa994847b8290

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      10KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      9a3690cc82d392851a315d9e76a08b70

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      962dcfc6b343e87a37f59630026c02df733264d2

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      689e6c20b78095da87d2432043addf2bddad65f67493effd13d7cf1e3b60a457

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      10ce554bb6f213fc6ba4cebb487df0e3beeaafba5c41791dd5d363b18c504715efe5cf846ded74912d3c7c8f1f697cdc5c9068a59d1d17b49344064838e1cfda

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      10KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      c24f6c4b5f483e1d3bfa2b7c995b9b3e

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      145c039e553ecae9692a7f8363e5adf891644034

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      3ab3efd4cf9ebf4f2628273e8211e453ebb5cfd63af33ad55f86761bf1697894

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      dd65abee59f498a1e7222fa614fb345764b3ee0ba9b68c1d5163e447bbeb99fc943ca30e1bdab34d240f6520eafa146cc186e48fae9664249235f8c814064bf2

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      264KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      f50f89a0a91564d0b8a211f8921aa7de

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      112403a17dd69d5b9018b8cede023cb3b54eab7d

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      28KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      45d24194a3a571504fcac3f104ae4659

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      a0f3fae5907286a43496e9449a6571f71bf8b192

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      2bbe377fe824b809c882db0725197c7793b8914bdefca043c36f9272e464da06

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      bfd3a436f41a94a88beccdd51a94cd1525d171baa6aa66f79c653870f966287bcabf2eae76b7752f74c55c37e5677ad7fe7ebb875f51926c53ddf2d36210949d

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\800ea1a3-3d04-449f-b152-643110053964.tmp
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      1B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      5058f1af8388633f609cadb75a75dc9d

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      3a52ce780950d4d969792a2559cd519d7ee8c727

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\scoped_dir3356_1500509652\84da11c8-984c-4cf3-ad5d-681f00b263bc.tmp
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      150KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      eae462c55eba847a1a8b58e58976b253

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      4d7c9d59d6ae64eb852bd60b48c161125c820673

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      ebcda644bcfbd0c9300227bafde696e8923ddb004b4ee619d7873e8a12eae2ad

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      494481a98ab6c83b16b4e8d287d85ba66499501545da45458acc395da89955971cf2a14e83c2da041c79c580714b92b9409aa14017a16d0b80a7ff3d91bad2a3

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Temp\scoped_dir3356_1500509652\CRX_INSTALL\_locales\en_CA\messages.json
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      711B

                                                                                                                                                                                      MD5

                                                                                                                                                                                      558659936250e03cc14b60ebf648aa09

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • C:\Users\Admin\Downloads\Unconfirmed 529939.crdownload
                                                                                                                                                                                      Filesize

                                                                                                                                                                                      196KB

                                                                                                                                                                                      MD5

                                                                                                                                                                                      11f55c34bc3a925022890e513d97b1af

                                                                                                                                                                                      SHA1

                                                                                                                                                                                      c5e84d0973494f2ba79dc952d401e09e36d6d13f

                                                                                                                                                                                      SHA256

                                                                                                                                                                                      e6ecece69a1919271ece2bbe62c2fde40d29aa539bd3bc18d4b626deef423afc

                                                                                                                                                                                      SHA512

                                                                                                                                                                                      bfd5b754059f4afd17352f6d9570173a11d36bc52875017be58f0d78836b279df00c0fb49a34644e5c89ce7252a173607ccd5d61156bc2df49431d73849e698e

                                                                                                                                                                                      Download Submit

                                                                                                                                                                                    • memory/4484-178-0x0000000000340000-0x0000000000378000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      224KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/4484-179-0x0000000005250000-0x00000000057F4000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      5.6MB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-191-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-206-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-201-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-198-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-197-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-192-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-699-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-184-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-182-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-694-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-693-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-983-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-984-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-987-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-692-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-205-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-1017-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-1018-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-1022-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-1023-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-1027-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-1036-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-1039-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-1040-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-207-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-1047-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-1048-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-1051-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-1093-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-211-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download

                                                                                                                                                                                    • memory/5672-214-0x0000000000400000-0x0000000000429000-memory.dmp

                                                                                                                                                                                      Filesize

                                                                                                                                                                                      164KB

                                                                                                                                                                                      Download