Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
147s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20250217-en -
resource tags
-
submitted
11/03/2025, 18:21
General
-
Target
http://inbox.bettermode.de
Malware Config
Signatures
-
Detected google phishing page 2 IoCs
-
Browser Information Discovery 1 TTPs
Enumerate browser information.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious behavior: EnumeratesProcesses 10 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 36 IoCs
-
Suspicious use of FindShellTrayWindow 25 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://inbox.bettermode.de1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd4deb46f8,0x7ffd4deb4708,0x7ffd4deb47182⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:32⤵
- Detected google phishing page
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2784 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4896 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3688 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3432 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4100 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1816 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2188 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5964 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1820 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5956 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1812 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6680 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4876 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2736 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1008 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6664 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6300 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1228 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6384 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2176 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,16957173433695216116,14523073176070678993,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7144 /prefetch:12⤵
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD5ab283f88362e9716dd5c324319272528
SHA184cebc7951a84d497b2c1017095c2c572e3648c4
SHA25661e4aa4614e645255c6db977ea7da1c7997f9676d8b8c3aaab616710d9186ab2
SHA51266dff3b6c654c91b05f92b7661985391f29763cf757cc4b869bce5d1047af9fb29bbe37c4097ddcfa021331c16dd7e96321d7c5236729be29f74853818ec1484
-
Filesize
152B
MD5fffde59525dd5af902ac449748484b15
SHA1243968c68b819f03d15b48fc92029bf11e21bedc
SHA25626bc5e85dd325466a27394e860cac7bef264e287e5a75a20ea54eec96abd0762
SHA512f246854e8ed0f88ca43f89cf497b90383e05ffa107496b4c346f070f6e9bbf1d9dc1bdcc28cad6b5c7810e3ba39f27d549061b3b413a7c0dd49faacae68cd645
-
Filesize
62KB
MD5c813a1b87f1651d642cdcad5fca7a7d8
SHA10e6628997674a7dfbeb321b59a6e829d0c2f4478
SHA256df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3
SHA512af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b
-
Filesize
70KB
MD5638b28824ff7d2a8b5eca31267ffaf3d
SHA151c91fb5de5248d6dbbe194565231c4bbbc197fb
SHA256a2477313b8f9735a83fff20ff6624d26a13c893601a3cf6148bc997022913011
SHA5120eb506d4d9f7bf3aef60dc2d69135a1eb6c9748eca15f721cf5310a7bfe131e21c3504dd75ad986ddfcde907cedd8522caa64845de1794000c2fe7a477189af5
-
Filesize
19KB
MD51bd4ae71ef8e69ad4b5ffd8dc7d2dcb5
SHA16dd8803e59949c985d6a9df2f26c833041a5178c
SHA256af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725
SHA512b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863
-
Filesize
63KB
MD5226541550a51911c375216f718493f65
SHA1f6e608468401f9384cabdef45ca19e2afacc84bd
SHA256caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5
SHA5122947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516
-
Filesize
22KB
MD596d62d11a7c9b511dca96ed57fcb458e
SHA1297edf50f1863ec95b0f47132e4e024100966d9d
SHA25618cb228c1722ba8f957647d63cc04bb0020e2b8a0893c4e8bf1ad5187c51ada4
SHA51232e65639ac20ad59ebbb9534074b9cdad017bd9f019437e33b077b3fc8dfd8c6394d08a68af68f14b928e817ffe098db4f167f3c629ddc6ba61c0e08666d14be
-
Filesize
111B
MD5285252a2f6327d41eab203dc2f402c67
SHA1acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA2565dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA51211ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d
-
Filesize
2KB
MD55badfc20570ee85c7316d769f5774d33
SHA1a6d7b55125ecd553d92ea700f1d021c0388671b8
SHA256e549b5f7f4b903ad2331d06f1b5fa05ac6f481a827ae4862baab37ada7976c25
SHA512c78a2b2b9059f045beb18879d219aaffe0c0f62b7453be349a59c8bcaa69985e7a55573bcf87355d5ef440d18f3cccae61c41c8a805e6d6224d358526d377054
-
Filesize
5KB
MD5979a768e4eb3cf24e8ff92b846668c45
SHA1ec7f4e57106446c4ed05808df349b4096826bbe2
SHA256cb032f85e00f24820a1bd01f726c7a7e7406d05e9f2ac2bc8f2bd49170319bc6
SHA512cfe6d78ef332f50f0be3b75cea5eb3d7c11dfd0fb00d18273460ff227fcac34e2d57113883194c6c67ce1cd0e3d0402fc392d9b652e207eae805c27f167291b0
-
Filesize
9KB
MD521743e5daac1f1f58eb7e56d42d240d6
SHA16410d8922c903e51d1917f619ff73180c28e8122
SHA2564517d5d48fce307c9f1540c97389eca9f2d33a856072e260cf84dc7dc2f56a79
SHA512fd9adcb5600365e8989244b7b4829a5addf0ba968063eb9b65fb1be70de63c4909ec8c5c374c53464cec74402b8a8660ab2cc3c41faf49578ad713e4c7f4aa25
-
Filesize
6KB
MD5f454ddc00434bbcca3bdca27feae62a8
SHA146d476ff83cf568339f601fb422daf15d118f98f
SHA25611fee122fde917720f6b73b5ee7235b8f7aef2e5aa27d17c4d8d840c0db9d4f7
SHA512c01919d9b98b8184a654f20d45ce2cdff78a613624933915ab3ac0ddfbbdf857b4203b48c89ec82eca5595e04212c6ab992ea5ab1439e5b961a67a575ec6f762
-
Filesize
7KB
MD583edd12ee31473f56c354b7efed06b29
SHA1df872cb9b9007e1c51cff51cf7b9b313cc7bb65e
SHA25677792d8089357f53f63fcea00b4718edb95728e81890e605bdec77cb0bc9827c
SHA5122b93a9008fd4b83e689f8afa2bd5b74b55d4fdf49c63d2e21bace511b20922d2040d856a9bf4dfe83ced05f9b231464aa4382afc07c67d98b07cefb8e1a5e640
-
Filesize
9KB
MD54e271929f3aaaff24431dba9a6cc773e
SHA14f2fbcb5ee5fa11ba536fcf30568873d5b7f7206
SHA256016c35db466479e9179efe4bbcaee0dfdc7e851fe4321d97ee1791736e80a09f
SHA512cb138e0e14afab1683a1d5d1f325a0615e1668c938b04ff830706ff18b81b7f599cf4b216915cc343b9ba2cf20ebf7d1988ce5ca331a04856fa05b7c88420145
-
Filesize
6KB
MD55f1f7ef4998eb34f56f682c9acbbc4f1
SHA128264ceba526714260cb3dc2f5a33dd2018cfd41
SHA256e44d695a3f55dcb6b994a4990dbf279743974655c79798248df9cf005a8d5fe3
SHA512e6ab9b67e1e48187ec6dd90abb30d9c07d66d9ee899d95d6101105c54459965246b591a4d5275a63805f1166ec6599c7adaba1a9a508d26cd3df75daf90e1826
-
Filesize
7KB
MD540d5051861996dd6ce35c65eee36005b
SHA12dab88a97003a610c3cccc785f8b9a24bce475d5
SHA2565c339959b40bd50635bd5f4bab11d3dc8ecbee9cb67d522115a9f67fea131d0f
SHA51244a4b7ec884af676edb184079116ef03f1ecd22fc8f47b562b7ea29a3493340536e81fb5ea92ff726cc5c429e45bd93db48ee1c2d36f2bc6ad93f4985086ab99
-
Filesize
9KB
MD537eb091e7436ce1b63c0f2a199a86d2a
SHA16acaa703fcae08c72487e1b8bec6b7380bb7eb3a
SHA2561906a43414139f8f99db9d892cda2024d802ec0577d6dea8183493bc4bdcb605
SHA512c95d4b9f51ae68261138833c0d3a4a502fc90af50afc0f5298663caa228d44a22a41d62f20a1c6765bf901b49cabbaa1c418cab238618ad4ba9876ced6de1b13
-
Filesize
5KB
MD55083fef3f175d5c5b7a2ae9f39115f78
SHA1c378c3721e40122110adbe1d0493072ac19de22e
SHA256bede1b9261155f3d7ae8b561f2ac7e78662b8d421e23780d44906439d7698595
SHA512dfbae4c251dd0b3c87042c597094a94c174e4628249a4860543c021ed37499be195154d3f0e6b2ffe22a3f4d7df67fae0c50abb9c37c151b438f9e559fc95156
-
Filesize
9KB
MD51cae12e0e60bab24cd429ea8a79ac1b1
SHA156a364e2da15e3237e7e4f65e4ffb5f9df8f395b
SHA256b8717548242a786c1b5cb1ab7cf5a1da0af89b409b8268495ff0fb25c70d1a78
SHA512caf6219bbff47a9363b976425911d0a2bcfea80f9225f8a2813d86134ceff06f6ff15e4aa3f22de56f7308600d09df7d0484963b87ace9e36af1afbcdb0990c9
-
Filesize
6KB
MD558be0c048b3c5bcbee882efde7fea3a4
SHA159530dc8b6d8ff6f7402afd0a79bf0092a406906
SHA256bccdcb94828a05630e2d5443cdb6796a963dbab6604b8902e230515a8f9c736e
SHA5125babfa374ac40b44183d007fbe5280d80ef0cef8abff5ebdf940221aca4e2fe948dbf8fe8d5f31944a69f09a8aa9e14980679bbfd9602c882abb731ddc0d488e
-
Filesize
72B
MD5c388f0d11f64498e2045211f40076bb9
SHA15a0e125d33f642cd1293028e324e6b8de63e5bee
SHA25699d7357ee85e9f60e64073f0eb463e5182e6c10f014a0378c697a514cce2c24e
SHA5125d328df812bdf678f4794931647d0aa2ac431266aa8898325a65d52aea6a30a28d7b4778623ffee70a0d0c4a5f30524cc3b5c09438debd42094d7c67417843fa
-
Filesize
48B
MD5bfb1fff6507bdf22f3abca86fccd11a0
SHA1ea85f73cb0cdf1749876cdfb44f691b5a32c0e68
SHA256ce6564c7d88492314f0117c25a54b5e88a46b075057080f75a88327171a6dac7
SHA512a32efab79f0abc849b0619404d25fc3e476e223cb387ab4be5635c72f2675c63fe85bf1d9804f922bb03890900baea017facb1a540ba1437cc80e0dc5a9429b0
-
Filesize
1KB
MD51d95d79e08f4a3cb3f5f51532ca400e6
SHA129dc9e8db84ad24163c4c42e30b8a5cef6ebf2a1
SHA256272c6eef78573929e5a4220845f77156741f0cb717ef78373487d65b26fc846c
SHA5128c082e9910792313f1bf19739689d5a632bafd8a51cddd90543c9e62b00faaf3bb42dbefe6691f1c332f50cc39cf07183844e15ee58188b0bec4e57bbbe0801c
-
Filesize
1KB
MD539a88d93285da625c2347c4f21033577
SHA1363b71586cd9e5267107b7ee7b93b6bd2505608c
SHA2567d088af917bc73c8d5cebebf1329ee2a81855b49822aafc20133dec858b26b7e
SHA51219c5b95f19acc2dba82ffeb3cf88910d2d13973d5d0205876acca06bfeebadf0ae871e19714be97677ce5a121a61658ae4371b4fcbb2a7d649958186f42b54cd
-
Filesize
3KB
MD507a8bd1687bda82fc71497bc9e03f71a
SHA17989c8413210a4b800b77028794d0a162c81b469
SHA25606e9bbe2a57de2acc18f899dc1a054bce8e2c05fb0625dbf35a1ce4a39177741
SHA512f8aa63740377e6d351b6abffb6af67184106ea52f62eb817c0af06d92f939e1bdb16062349fc0019fdabf50c7fbcc9be16879d62a2f17822a8f18f36eac34cf0
-
Filesize
3KB
MD546d33d0032a0b8deb192c5c49bbae026
SHA12ba80ba32c56eb4569130059f21484fea2acd082
SHA256fb79358b2eea48f2a351127fd5a369f439821601882b9fdf37e0d119475e0eef
SHA5121350d220d27924ffa57ca49cfa99f4544544c71ab2a19abba679b453e0958eec454ef2b9102afa2b7ec902d7c74872247487d6c930781a39abf8fddc29ce6e12
-
Filesize
3KB
MD59fc40e01c296560a38ce0b158c49df76
SHA10a026a52250559b0fd5e41816d039dd742d0a86d
SHA2566c136620aff166f234331d989ba92f302157c09f018f6bf882d876a259856e3a
SHA512106db2bfd02891135bb0c8f0d38b844d6f2f990de9e0e4f02de797308111a844feee32c52675f8a27485384387c93619bb1c74c29419aef5b7f960093ada0882
-
Filesize
4KB
MD52d060e29dca37f6f7f9d40ee28701694
SHA17c5c11622dda52f58740f4453769de1677d96ba3
SHA256fbbcc88a9998e312728e9af06a00b249f16c930ef05a4e0cf362f16a4217eb8b
SHA5124340cdb5c1658de8e71655fa8d791c8ffd166e2eaeb49274b256a321add635b76f840ef0a453b9d345f37d1b8e1698fc07897238b110b4b1f4a9c08deff6d44b
-
Filesize
4KB
MD5c50d03d904b56b45c969e910b55e991e
SHA1e0358ab8299f57dee268e6c0fd87def750dfabcc
SHA256ae47b72a2a503b97994b79ad192ff5eaa3ab655cf6ad0c2991aaba7dfb2f5480
SHA512922599c41863891c31f6080486b1476d3f71d5a5bb904b61e0d39d4286477b0f66dd540f73a925d3add6834a4e2276bdb68eba1f87cacb830eb366626b01aa48
-
Filesize
706B
MD5c37128667a7f761d05507d31b3b77504
SHA19b0f0a7c162d9224454520fb83391d93d7703b36
SHA256f7e5341550fcd07eab702a6a77d395ab7e52f62e8aac877eaf2bdd6c5c84d40f
SHA5129c24c8fe7d32270ed8557be47e6f4f7d14355dabd40885b307a2d10974d5a9b4be900a39db8ae3db3f4affaf84b368cb6dc0108a4b6ccb0974d5ad8ddd96e76b
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
11KB
MD5fdd68726178ed74bda8a6b4cbf10fca4
SHA1e874819d3464a7789d8ef3732d494cd19cb09b0a
SHA256737e6937a4940bdf69ad2f16713c81a8d1d6e992e529189ef49258f8785300ce
SHA512ee48ed87d541e80ce363c6481a32a8b85d17eb2be5d61a227f1f4acf53058de7a05f86fa3319c0e5e967fc8b50809105cb1db6104f2f4adaed3c320e21bb3129